The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 184.108.40.206, Thunderbird 2.x before 220.127.116.11, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
Publish Date : 2008-12-17 Last Update Date : 2012-10-30
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.