CVE-2008-2806

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...

Mozilla Foundation Security Advisory 2008-28

Mozilla Foundation Security Advisory 2008-28 Title: Arbitrary socket connections with Java LiveConnect on Mac OS X Impact: High Announced: July 1, 2008 Reporter: Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 3.0 Firefox 2.0.0.15 SeaMonkey 1.1.10 Description Security researcher...

Arbitrary socket connections with Java LiveConnect on Mac OS X — Mozilla

Security researcher Gregory Fleischer reported a vulnerability in the way Mozilla indicates the origin of a document to the Java Embedding Plugin JEP that ships with Firefox on Mac OS X. This vulnerability could allow a malicious Java applet to bypass the same-origin policy and create arbitrary...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : firefox vulnerabilities (USN-592-1)

Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. CVE-2008-0416 Various flaws were discovered in the JavaScript engine...

USN-592-1: Firefox vulnerabilities

Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox's character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. CVE-2008-0416 Various flaws were discovered in the JavaScript engine...