5
CVE-2002-2437
- EPSS 0.29%
- Published 07.12.2011 19:55:01
- Last modified 11.04.2025 00:51:21
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The JavaScript implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method.
Data is provided by the National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version <= 3.1.16
Mozilla ≫ Thunderbird Version3.0
Mozilla ≫ Thunderbird Version3.0.1
Mozilla ≫ Thunderbird Version3.0.2
Mozilla ≫ Thunderbird Version3.0.3
Mozilla ≫ Thunderbird Version3.0.4
Mozilla ≫ Thunderbird Version3.0.5
Mozilla ≫ Thunderbird Version3.0.6
Mozilla ≫ Thunderbird Version3.0.7
Mozilla ≫ Thunderbird Version3.0.8
Mozilla ≫ Thunderbird Version3.0.9
Mozilla ≫ Thunderbird Version3.0.10
Mozilla ≫ Thunderbird Version3.0.11
Mozilla ≫ Thunderbird Version3.1
Mozilla ≫ Thunderbird Version3.1.1
Mozilla ≫ Thunderbird Version3.1.2
Mozilla ≫ Thunderbird Version3.1.3
Mozilla ≫ Thunderbird Version3.1.4
Mozilla ≫ Thunderbird Version3.1.5
Mozilla ≫ Thunderbird Version3.1.6
Mozilla ≫ Thunderbird Version3.1.7
Mozilla ≫ Thunderbird Version3.1.8
Mozilla ≫ Thunderbird Version3.1.9
Mozilla ≫ Thunderbird Version3.1.10
Mozilla ≫ Thunderbird Version3.1.11
Mozilla ≫ Thunderbird Version3.1.12
Mozilla ≫ Thunderbird Version3.1.13
Mozilla ≫ Thunderbird Version3.1.14
Mozilla ≫ Thunderbird Version3.1.15
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.497 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|