1
PublicDateAtUSN: 2009-07-22
2
Candidate: CVE-2009-2472
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2472
6
https://usn.ubuntu.com/usn/usn-798-1
8
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper
9
when required during object construction, which allows remote attackers to
10
bypass the Same Origin Policy and conduct cross-site scripting (XSS)
11
attacks via a crafted document, related to a "cross origin wrapper bypass."
20
upstream_firefox: needs-triage
21
dapper_firefox: ignored (reached end-of-life)
22
hardy_firefox: not-affected
26
devel_firefox: not-affected
29
Patches_xulrunner-1.9:
30
upstream_xulrunner-1.9: needs-triage
31
dapper_xulrunner-1.9: DNE
32
hardy_xulrunner-1.9: released (1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1)
33
intrepid_xulrunner-1.9: released (1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2)
34
jaunty_xulrunner-1.9: released (1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1)
35
karmic_xulrunner-1.9: DNE
36
devel_xulrunner-1.9: DNE
38
Patches_xulrunner-1.9.1:
39
upstream_xulrunner-1.9.1: needs-triage
40
dapper_xulrunner-1.9.1: DNE
41
hardy_xulrunner-1.9.1: DNE
42
intrepid_xulrunner-1.9.1: DNE
43
jaunty_xulrunner-1.9.1: released (1.9.1.1+build1+nobinonly-0ubuntu0.9.04.1)
44
karmic_xulrunner-1.9.1: released (1.9.1.1+build1+nobinonly-0ubuntu1)
45
devel_xulrunner-1.9.1: released (1.9.1.1+build1+nobinonly-0ubuntu1)