Lucene search
Mozilla FoundationMFSA2008-24HistoryJul 01, 2008 - 12:00 a.m.
Chrome script loading from fastload file β Mozilla
2008-07-0100:00:00
Mozilla Foundation
www.mozilla.org
20
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.585
Percentile
97.8%
Mozilla security researcher moz_bug_r_a4 reported that when non-priviliged XUL documents include scripts from chrome: URIs used in the browser it was possible to take advantage of the privilege level stored in the pre-compiled βfastloadβ file. This could allow an attacker to run arbitrary JavaScript code with chrome privileges.
Affected configurations
Node
mozillafirefoxRange<2.0.0.15
ORmozillafirefoxRange<3
ORmozillaseamonkeyRange<1.1.10
ORmozillathunderbirdRange<2.0.0.16
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-24
2008-07-03 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2008-07-03 00:00:00
nvd
nvd
CVE-2008-2802
2008-07-07 23:41:00
prion
prion
Design/Logic Flaw
2008-07-07 23:41:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:24:10
ubuntucve
ubuntucve
CVE-2008-2802
2008-07-07 00:00:00
cve
cve
CVE-2008-2802
2008-07-07 23:41:00
cvelist
cvelist
CVE-2008-2802
2008-07-07 23:00:00
openvas
openvas
Mozilla Thunderbird Multiple Vulnerabilities (Jul 2008) - Windows
2008-10-06 00:00:00
Mozilla Thunderbird Multiple Vulnerabilities (Jul 2008) - Linux
2008-10-07 00:00:00
Mozilla Thunderbird Multiple Vulnerability July-08 (Linux)
2008-10-07 00:00:00
nessus
nessus
Fedora 9 : thunderbird-2.0.0.16-1.fc9 (2008-6737)
2008-08-08 00:00:00
Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : mozilla-thunderbird (SSA:2008-210-05)
2008-07-29 00:00:00
Mozilla Thunderbird < 2.0.0.16 Multiple Vulnerabilities
2008-07-24 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: thunderbird-2.0.0.16-1.fc8
2008-08-07 23:56:32
[SECURITY] Fedora 9 Update: thunderbird-2.0.0.16-1.fc9
2008-08-07 23:54:31
[SECURITY] Fedora 8 Update: epiphany-2.20.3-5.fc8
2008-07-06 06:14:11
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-07-25 00:00:00
Firefox vulnerabilities
2008-07-02 00:00:00
osv
osv
icedove - several vulnerabilities
2008-07-27 00:00:00
iceweasel - several vulnerabilities
2008-07-11 00:00:00
xulrunner - several vulnerabilities
2008-07-23 00:00:00
debian
debian
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities
2008-07-27 21:38:47
[SECURITY] [DSA 1607-1] New iceweasel packages fix several vulnerabilities
2008-07-11 16:11:41
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities
2008-07-23 20:33:58
centos
centos
seamonkey security update
2008-07-02 19:43:27
devhelp, firefox, xulrunner, yelp security update
2008-07-06 14:53:42
seamonkey security update
2008-07-03 00:05:00
oraclelinux
oraclelinux
seamonkey security update
2008-07-02 00:00:00
firefox security update
2008-07-02 00:00:00
firefox security update
2008-07-02 00:00:00
redhat
redhat
(RHSA-2008:0547) Critical: seamonkey security update
2008-07-02 00:00:00
(RHSA-2008:0549) Critical: firefox security update
2008-07-02 00:00:00
(RHSA-2008:0569) Critical: firefox security update
2008-07-02 00:00:00
seebug
seebug
Mozilla Firefox 2.0.0.14εε¨ε€δΈͺθΏη¨ζΌζ΄
2008-07-03 00:00:00
suse
suse
remote code execution in MozillaFirefox
2008-07-11 13:26:28
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2008-08-06 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.585
Percentile
97.8%
Related for MFSA2008-24