CVE-2008-3836 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-3836
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3836

Description: feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/45350 UBUNTU http://www.ubuntu.com/usn/usn-645-1 http://www.ubuntu.com/usn/usn-645-2 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 ST 1020914 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232 SAID Secunia Advisory: SA31984 Secunia Advisory: SA32845 Secunia Advisory: SA34501 Secunia Advisory: SA32042 Secunia Advisory: SA32144 Secunia Advisory: SA32012 Secunia Advisory: SA33433 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:205 DEBIAN http://www.debian.org/security/2009/dsa-1697 http://www.debian.org/security/2008/dsa-1669 CONFIRM http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://www.mozilla.org/security/announce/2008/mfsa2008-39.html BID 31346

Return to the previous page.