Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local files, and establish network connections via vectors involving a refresh value in the http-equiv attribute of a META element, which causes the wrong security principal to be used.
2010-12-10T19:00:02.673
2025-04-11T00:51:21.963
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | mozilla | firefox | 3.6 | Yes |
| Application | mozilla | firefox | 3.6.2 | Yes |
| Application | mozilla | firefox | 3.6.3 | Yes |
| Application | mozilla | firefox | 3.6.4 | Yes |
| Application | mozilla | firefox | 3.6.6 | Yes |
| Application | mozilla | firefox | 3.6.7 | Yes |
| Application | mozilla | firefox | 3.6.8 | Yes |
| Application | mozilla | firefox | 3.6.9 | Yes |
| Application | mozilla | firefox | 3.6.10 | Yes |
| Application | mozilla | firefox | 3.6.11 | Yes |
| Application | mozilla | firefox | 3.6.12 | Yes |
| Application | mozilla | seamonkey | ≤ 2.0.10 | Yes |
| Application | mozilla | seamonkey | 1.0 | Yes |
| Application | mozilla | seamonkey | 1.0 | Yes |
| Application | mozilla | seamonkey | 1.0 | Yes |
| Application | mozilla | seamonkey | 1.0.1 | Yes |
| Application | mozilla | seamonkey | 1.0.2 | Yes |
| Application | mozilla | seamonkey | 1.0.3 | Yes |
| Application | mozilla | seamonkey | 1.0.4 | Yes |
| Application | mozilla | seamonkey | 1.0.5 | Yes |
| Application | mozilla | seamonkey | 1.0.6 | Yes |
| Application | mozilla | seamonkey | 1.0.7 | Yes |
| Application | mozilla | seamonkey | 1.0.8 | Yes |
| Application | mozilla | seamonkey | 1.0.9 | Yes |
| Application | mozilla | seamonkey | 1.1 | Yes |
| Application | mozilla | seamonkey | 1.1 | Yes |
| Application | mozilla | seamonkey | 1.1 | Yes |
| Application | mozilla | seamonkey | 1.1.1 | Yes |
| Application | mozilla | seamonkey | 1.1.2 | Yes |
| Application | mozilla | seamonkey | 1.1.3 | Yes |
| Application | mozilla | seamonkey | 1.1.4 | Yes |
| Application | mozilla | seamonkey | 1.1.5 | Yes |
| Application | mozilla | seamonkey | 1.1.6 | Yes |
| Application | mozilla | seamonkey | 1.1.7 | Yes |
| Application | mozilla | seamonkey | 1.1.8 | Yes |
| Application | mozilla | seamonkey | 1.1.9 | Yes |
| Application | mozilla | seamonkey | 1.1.10 | Yes |
| Application | mozilla | seamonkey | 1.1.11 | Yes |
| Application | mozilla | seamonkey | 1.1.12 | Yes |
| Application | mozilla | seamonkey | 1.1.13 | Yes |
| Application | mozilla | seamonkey | 1.1.14 | Yes |
| Application | mozilla | seamonkey | 1.1.15 | Yes |
| Application | mozilla | seamonkey | 1.1.16 | Yes |
| Application | mozilla | seamonkey | 1.1.17 | Yes |
| Application | mozilla | seamonkey | 1.1.18 | Yes |
| Application | mozilla | seamonkey | 1.1.19 | Yes |
| Application | mozilla | seamonkey | 1.5.0.8 | Yes |
| Application | mozilla | seamonkey | 1.5.0.9 | Yes |
| Application | mozilla | seamonkey | 1.5.0.10 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0 | Yes |
| Application | mozilla | seamonkey | 2.0.1 | Yes |
| Application | mozilla | seamonkey | 2.0.2 | Yes |
| Application | mozilla | seamonkey | 2.0.3 | Yes |
| Application | mozilla | seamonkey | 2.0.4 | Yes |
| Application | mozilla | seamonkey | 2.0.5 | Yes |
| Application | mozilla | seamonkey | 2.0.6 | Yes |
| Application | mozilla | seamonkey | 2.0.7 | Yes |
| Application | mozilla | seamonkey | 2.0.8 | Yes |
| Application | mozilla | seamonkey | 2.0.9 | Yes |
| Application | mozilla | firefox | ≤ 3.5.15 | Yes |
| Application | mozilla | firefox | 0.1 | Yes |
| Application | mozilla | firefox | 0.2 | Yes |
| Application | mozilla | firefox | 0.3 | Yes |
| Application | mozilla | firefox | 0.4 | Yes |
| Application | mozilla | firefox | 0.5 | Yes |
| Application | mozilla | firefox | 0.6 | Yes |
| Application | mozilla | firefox | 0.6.1 | Yes |
| Application | mozilla | firefox | 0.7 | Yes |
| Application | mozilla | firefox | 0.7.1 | Yes |
| Application | mozilla | firefox | 0.8 | Yes |
| Application | mozilla | firefox | 0.9 | Yes |
| Application | mozilla | firefox | 0.9 | Yes |
| Application | mozilla | firefox | 0.9.1 | Yes |
| Application | mozilla | firefox | 0.9.2 | Yes |
| Application | mozilla | firefox | 0.9.3 | Yes |
| Application | mozilla | firefox | 0.10 | Yes |
| Application | mozilla | firefox | 0.10.1 | Yes |
| Application | mozilla | firefox | 1.0 | Yes |
| Application | mozilla | firefox | 1.0 | Yes |
| Application | mozilla | firefox | 1.0.1 | Yes |
| Application | mozilla | firefox | 1.0.2 | Yes |
| Application | mozilla | firefox | 1.0.3 | Yes |
| Application | mozilla | firefox | 1.0.4 | Yes |
| Application | mozilla | firefox | 1.0.5 | Yes |
| Application | mozilla | firefox | 1.0.6 | Yes |
| Application | mozilla | firefox | 1.0.7 | Yes |
| Application | mozilla | firefox | 1.0.8 | Yes |
| Application | mozilla | firefox | 1.4.1 | Yes |
| Application | mozilla | firefox | 1.5 | Yes |
| Application | mozilla | firefox | 1.5 | Yes |
| Application | mozilla | firefox | 1.5 | Yes |
| Application | mozilla | firefox | 1.5.0.1 | Yes |
| Application | mozilla | firefox | 1.5.0.2 | Yes |
| Application | mozilla | firefox | 1.5.0.3 | Yes |
| Application | mozilla | firefox | 1.5.0.4 | Yes |
| Application | mozilla | firefox | 1.5.0.5 | Yes |
| Application | mozilla | firefox | 1.5.0.6 | Yes |
| Application | mozilla | firefox | 1.5.0.7 | Yes |
| Application | mozilla | firefox | 1.5.0.8 | Yes |
| Application | mozilla | firefox | 1.5.0.9 | Yes |
| Application | mozilla | firefox | 1.5.0.10 | Yes |
| Application | mozilla | firefox | 1.5.0.11 | Yes |
| Application | mozilla | firefox | 1.5.0.12 | Yes |
| Application | mozilla | firefox | 1.5.1 | Yes |
| Application | mozilla | firefox | 1.5.2 | Yes |
| Application | mozilla | firefox | 1.5.3 | Yes |
| Application | mozilla | firefox | 1.5.4 | Yes |
| Application | mozilla | firefox | 1.5.5 | Yes |
| Application | mozilla | firefox | 1.5.6 | Yes |
| Application | mozilla | firefox | 1.5.7 | Yes |
| Application | mozilla | firefox | 1.5.8 | Yes |
| Application | mozilla | firefox | 1.8 | Yes |
| Application | mozilla | firefox | 2.0 | Yes |
| Application | mozilla | firefox | 2.0.0.1 | Yes |
| Application | mozilla | firefox | 2.0.0.2 | Yes |
| Application | mozilla | firefox | 2.0.0.3 | Yes |
| Application | mozilla | firefox | 2.0.0.4 | Yes |
| Application | mozilla | firefox | 2.0.0.5 | Yes |
| Application | mozilla | firefox | 2.0.0.6 | Yes |
| Application | mozilla | firefox | 2.0.0.7 | Yes |
| Application | mozilla | firefox | 2.0.0.8 | Yes |
| Application | mozilla | firefox | 2.0.0.9 | Yes |
| Application | mozilla | firefox | 2.0.0.10 | Yes |
| Application | mozilla | firefox | 2.0.0.11 | Yes |
| Application | mozilla | firefox | 2.0.0.12 | Yes |
| Application | mozilla | firefox | 2.0.0.13 | Yes |
| Application | mozilla | firefox | 2.0.0.14 | Yes |
| Application | mozilla | firefox | 2.0.0.15 | Yes |
| Application | mozilla | firefox | 2.0.0.16 | Yes |
| Application | mozilla | firefox | 2.0.0.17 | Yes |
| Application | mozilla | firefox | 2.0.0.18 | Yes |
| Application | mozilla | firefox | 2.0.0.19 | Yes |
| Application | mozilla | firefox | 2.0.0.20 | Yes |
| Application | mozilla | firefox | 3.0 | Yes |
| Application | mozilla | firefox | 3.0.1 | Yes |
| Application | mozilla | firefox | 3.0.2 | Yes |
| Application | mozilla | firefox | 3.0.3 | Yes |
| Application | mozilla | firefox | 3.0.4 | Yes |
| Application | mozilla | firefox | 3.0.5 | Yes |
| Application | mozilla | firefox | 3.0.6 | Yes |
| Application | mozilla | firefox | 3.0.7 | Yes |
| Application | mozilla | firefox | 3.0.8 | Yes |
| Application | mozilla | firefox | 3.0.9 | Yes |
| Application | mozilla | firefox | 3.0.10 | Yes |
| Application | mozilla | firefox | 3.0.11 | Yes |
| Application | mozilla | firefox | 3.0.12 | Yes |
| Application | mozilla | firefox | 3.0.13 | Yes |
| Application | mozilla | firefox | 3.0.14 | Yes |
| Application | mozilla | firefox | 3.0.15 | Yes |
| Application | mozilla | firefox | 3.0.16 | Yes |
| Application | mozilla | firefox | 3.0.17 | Yes |
| Application | mozilla | firefox | 3.5 | Yes |
| Application | mozilla | firefox | 3.5.1 | Yes |
| Application | mozilla | firefox | 3.5.2 | Yes |
| Application | mozilla | firefox | 3.5.3 | Yes |
| Application | mozilla | firefox | 3.5.4 | Yes |
| Application | mozilla | firefox | 3.5.5 | Yes |
| Application | mozilla | firefox | 3.5.6 | Yes |
| Application | mozilla | firefox | 3.5.7 | Yes |
| Application | mozilla | firefox | 3.5.8 | Yes |
| Application | mozilla | firefox | 3.5.9 | Yes |
| Application | mozilla | firefox | 3.5.10 | Yes |
| Application | mozilla | firefox | 3.5.11 | Yes |
| Application | mozilla | firefox | 3.5.12 | Yes |
| Application | mozilla | firefox | 3.5.13 | Yes |
| Application | mozilla | firefox | 3.5.14 | Yes |