oval:org.mitre.oval:def:1625

Definition Id: oval:org.mitre.oval:def:1625

Oval ID:	oval:org.mitre.oval:def:1625
Title:	Mozilla "AnyName" Entrainment and Access Control Hazard
Description:	The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin restrictions.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2006-0299	Version:	4
Platform(s):	Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	mozilla
Definition Synopsis:
Mozilla Firefox version 1.5 is installed and has NOT been patched with version 1.5.0.1 Mozilla Firefox version 1.5 is installed AND Firefox version 1.5 or earlier is installed AND NOT The version of Firefox.exe is greater than or equal to 1.8.20060.11112 OR A pre-release of SeaMonkey 1.0 is installed A pre-release of SeaMonkey 1.0 is installed AND A pre-release of SeaMonkey 1.0 is installed