Lucene search
Mozilla FoundationMFSA2008-28HistoryJul 01, 2008 - 12:00 a.m.
Arbitrary socket connections with Java LiveConnect on Mac OS X β Mozilla
2008-07-0100:00:00
Mozilla Foundation
www.mozilla.org
6
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.8%
Security researcher Gregory Fleischer reported a vulnerability in the way Mozilla indicates the origin of a document to the Java Embedding Plugin (JEP) that ships with Firefox on Mac OS X. This vulnerability could allow a malicious Java applet to bypass the same-origin policy and create arbitrary socket connections to other domains.
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-28
2008-07-03 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2008-07-03 00:00:00
ubuntucve
ubuntucve
CVE-2008-2806
2008-07-07 00:00:00
cve
cve
CVE-2008-2806
2008-07-07 23:41:00
prion
prion
Design/Logic Flaw
2008-07-07 23:41:00
suse
suse
remote code execution in MozillaFirefox
2008-07-11 13:26:28
ubuntu
ubuntu
Firefox vulnerabilities
2008-07-02 00:00:00
seebug
seebug
Mozilla Firefox 2.0.0.14εε¨ε€δΈͺθΏη¨ζΌζ΄
2008-07-03 00:00:00
openvas
openvas
Mozilla Seamonkey Multiple Vulnerability July-08 (Windows)
2008-10-06 00:00:00
SLES10: Security update for MozillaFirefox
2009-10-13 00:00:00
Mozilla Seamonkey Multiple Vulnerabilities (Jul 2008) - Linux
2008-10-07 00:00:00
nessus
nessus
Ubuntu 6.06 LTS / 7.04 / 7.10 : firefox vulnerabilities (USN-619-1)
2008-07-08 00:00:00
SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5405)
2008-07-15 00:00:00
Firefox < 2.0.0.15 Multiple Vulnerabilities
2008-07-02 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.8%
Related for MFSA2008-28