Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5am8-72dc-8yer
Summary
Mozilla developer Boris Zbarsky reported that a frame
named "location" could shadow the window.location object unless a
script in a page grabbed a reference to the true object before the frame
was created. Because some plugins use the value of window.location to determine
the page origin this could fool the plugin into granting the plugin content
access to another site or the local file system in violation of the Same Origin
Policy. This flaw allows circumvention of the fix added for
MFSA 2010-10.
Aliases
0
alias CVE-2011-2999
Fixed_packages
0
url pkg:mozilla/Firefox@3.6.23
purl pkg:mozilla/Firefox@3.6.23
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.6.23
1
url pkg:mozilla/Firefox@6.0.0
purl pkg:mozilla/Firefox@6.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@6.0.0
2
url pkg:mozilla/SeaMonkey@2.3.0
purl pkg:mozilla/SeaMonkey@2.3.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@2.3.0
3
url pkg:mozilla/Thunderbird@3.1.15
purl pkg:mozilla/Thunderbird@3.1.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@3.1.15
4
url pkg:mozilla/Thunderbird@6.0.0
purl pkg:mozilla/Thunderbird@6.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Thunderbird@6.0.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999
reference_id CVE-2011-2999
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2999
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2011-38
reference_id mfsa2011-38
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2011-38
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5am8-72dc-8yer