Design/Logic Flaw

🗓️ 09 Feb 2008 01:00:00Reported by PRIOn knowledge baseType

Gecko-based browsers modify .href property of stylesheet DOM nodes, allowing bypass of Same Origin Policy and potential sensitive information leakag

Reporter	Title	Published	Views	Family All 252
Tenable Nessus	Mozilla Firefox < 2.0.0.12 Multiple Vulnerabilities	8 Feb 200800:00	–	nessus
Tenable Nessus	SeaMonkey < 1.1.8 Multiple Vulnerabilities	8 Feb 200800:00	–	nessus
Tenable Nessus	Mozilla Thunderbird < 2.0.0.12 Multiple Vulnerabilities	8 Feb 200800:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : firefox (CESA-2008:0103)	11 Feb 200800:00	–	nessus
Tenable Nessus	CentOS 3 / 4 : seamonkey (CESA-2008:0104)	11 Feb 200800:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : thunderbird (CESA-2008:0105)	11 Feb 200800:00	–	nessus
Tenable Nessus	Debian DSA-1484-1 : xulrunner - several vulnerabilities	11 Feb 200800:00	–	nessus
Tenable Nessus	Debian DSA-1485-2 : icedove - several vulnerabilities	11 Feb 200800:00	–	nessus
Tenable Nessus	Debian DSA-1489-1 : iceweasel - several vulnerabilities	11 Feb 200800:00	–	nessus
Tenable Nessus	Debian DSA-1506-1 : iceape - several vulnerabilities	25 Feb 200800:00	–	nessus

Source	Link
mozilla	www.mozilla.org/security/announce/2008/mfsa2008-10.html
bugzilla	www.bugzilla.mozilla.org/show_bug.cgi
wiki	www.wiki.rpath.com/Advisories:rPSA-2008-0051
debian	www.debian.org/security/2008/dsa-1484
debian	www.debian.org/security/2008/dsa-1485
debian	www.debian.org/security/2008/dsa-1489
redhat	www.redhat.com/support/errata/RHSA-2008-0103.html
redhat	www.redhat.com/support/errata/RHSA-2008-0104.html
redhat	www.redhat.com/support/errata/RHSA-2008-0105.html
ubuntu	www.ubuntu.com/usn/usn-576-1

15 Oct 2018 22:01Current

6.3Medium risk

Vulners AI Score6.3

EPSS0.01092