Lucene search
Mozilla FoundationMFSA2008-68HistoryDec 16, 2008 - 12:00 a.m.
XSS and JavaScript privilege escalation — Mozilla
2008-12-1600:00:00
Mozilla Foundation
www.mozilla.org
27
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.4%
Mozilla security researcher moz_bug_r_a4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the same-origin policy and execute arbitrary JavaScript within the context of a different website.
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-68
2008-12-18 00:00:00
cve
cve
CVE-2008-5512
2008-12-17 23:30:00
CVE-2008-5511
2008-12-17 23:30:00
prion
prion
Cross site scripting
2008-12-17 23:30:00
Code injection
2008-12-17 23:30:00
ubuntucve
ubuntucve
CVE-2008-5512
2008-12-17 00:00:00
CVE-2008-5511
2008-12-17 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:28:12
Same-Origin Policy Bypass
2020-04-10 00:28:12
openvas
openvas
Ubuntu Update for firefox vulnerabilities USN-690-3
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-690-3)
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-701-2)
2009-01-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-12-18 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
nessus
nessus
Debian DSA-1704-1 : xulrunner - several vulnerabilities
2009-01-15 00:00:00
Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-701-2)
2013-03-09 00:00:00
openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-382)
2009-07-21 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-01-14 00:00:00
iceweasel - several vulnerabilities
2009-01-15 00:00:00
debian
debian
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
2009-01-14 20:28:56
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
2009-01-15 22:03:27
fedora
fedora
[SECURITY] Fedora 9 Update: seamonkey-1.1.14-1.fc9
2008-12-21 08:44:36
[SECURITY] Fedora 8 Update: seamonkey-1.1.14-1.fc8
2008-12-21 08:25:27
[SECURITY] Fedora 10 Update: seamonkey-1.1.14-1.fc10
2008-12-21 08:40:41
oraclelinux
oraclelinux
thunderbird security update
2009-01-07 00:00:00
seamonkey security update
2008-12-17 00:00:00
firefox security update
2008-12-17 00:00:00
redhat
redhat
(RHSA-2009:0002) Moderate: thunderbird security update
2009-01-07 00:00:00
(RHSA-2008:1036) Critical: firefox security update
2008-12-16 00:00:00
(RHSA-2008:1037) Critical: seamonkey security update
2008-12-16 00:00:00
centos
centos
thunderbird security update
2009-01-08 14:35:58
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
79.4%
Related for MFSA2008-68