Lucene search
Mozilla FoundationMFSA2008-61HistoryDec 16, 2008 - 12:00 a.m.
Information stealing via loadBindingDocument — Mozilla
2008-12-1600:00:00
Mozilla Foundation
www.mozilla.org
9
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.044 Low
EPSS
Percentile
92.5%
Mozilla developer Boris Zbarsky reported that XBL bindings could be used to read data from other domains, a violation of the same-origin policy. The severity of this issue was determined to be moderate due to several mitigating factors:
Affected configurations
Node
mozillafirefoxRange<2.0.0.19
ORmozillaseamonkeyRange<1.1.14
ORmozillathunderbirdRange<2.0.0.19
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-61
2008-12-18 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple seucrity vulnerabilities
2008-12-19 00:00:00
ubuntucve
ubuntucve
CVE-2008-5503
2008-12-17 00:00:00
nvd
nvd
CVE-2008-5503
2008-12-17 23:30:00
veracode
veracode
Information Disclosure
2020-04-10 00:28:10
cvelist
cvelist
CVE-2008-5503
2008-12-17 23:00:00
cve
cve
CVE-2008-5503
2008-12-17 23:30:00
prion
prion
Security feature bypass
2008-12-17 23:30:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-12-18 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-690-3)
2009-03-23 00:00:00
Ubuntu Update for firefox vulnerabilities USN-690-3
2009-03-23 00:00:00
Debian Security Advisory DSA 1704-1 (xulrunner)
2009-01-20 00:00:00
debian
debian
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
2009-01-14 20:28:56
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
2009-01-15 22:03:27
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities
2009-01-07 21:32:09
osv
osv
xulrunner - several vulnerabilities
2009-01-14 00:00:00
iceweasel - several vulnerabilities
2009-01-15 00:00:00
icedove - several vulnerabilities
2009-01-07 00:00:00
nessus
nessus
Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-701-2)
2013-03-09 00:00:00
Debian DSA-1704-1 : xulrunner - several vulnerabilities
2009-01-15 00:00:00
SuSE9 Security Update : Epiphany (YOU Patch Number 12326)
2009-09-24 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: seamonkey-1.1.14-1.fc10
2008-12-21 08:40:41
[SECURITY] Fedora 8 Update: seamonkey-1.1.14-1.fc8
2008-12-21 08:25:27
[SECURITY] Fedora 9 Update: seamonkey-1.1.14-1.fc9
2008-12-21 08:44:36
centos
centos
thunderbird security update
2009-01-08 14:35:58
seamonkey security update
2008-12-22 02:56:59
seamonkey security update
2008-12-17 15:28:51
oraclelinux
oraclelinux
thunderbird security update
2009-01-07 00:00:00
seamonkey security update
2008-12-17 00:00:00
redhat
redhat
(RHSA-2009:0002) Moderate: thunderbird security update
2009-01-07 00:00:00
(RHSA-2008:1037) Critical: seamonkey security update
2008-12-16 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey
2008-12-19 13:50:24
remote code execution in MozillaFirefox,MozillaThunderbird,mozilla
2009-01-14 11:55:45
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-12-17 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
0.044 Low
EPSS
Percentile
92.5%
Related for MFSA2008-61