CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
93.2%
The Mozilla Foundation reports:
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and
control characters
MFSA 2008-65 Cross-domain data theft via script redirect error
message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-62 Additional XSS attack vectors in feed preview
MFSA 2008-61 Information stealing via loadBindingDocument
MFSA 2008-60 Crashes with evidence of memory corruption
(rv:1.9.0.5/1.8.1.19)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 2.0.0.20,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 2.0.0.20 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 1.1.14 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 1.1.14 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 2.0.0.18 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 2.0.0.18 | UNKNOWN |
www.mozilla.org/security/announce/2008/mfsa2008-60.html
www.mozilla.org/security/announce/2008/mfsa2008-61.html
www.mozilla.org/security/announce/2008/mfsa2008-62.html
www.mozilla.org/security/announce/2008/mfsa2008-63.html
www.mozilla.org/security/announce/2008/mfsa2008-64.html
www.mozilla.org/security/announce/2008/mfsa2008-65.html
www.mozilla.org/security/announce/2008/mfsa2008-66.html
www.mozilla.org/security/announce/2008/mfsa2008-67.html
www.mozilla.org/security/announce/2008/mfsa2008-68.html
www.mozilla.org/security/announce/2008/mfsa2008-69.html