|
|
CVE Reference: CVE-2008-5015 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5015 |
|
|
Description: Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system. |
|
|
CVE Status: Candidate |
|
|
References: SUSE http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 ST 1021191 SAID Secunia Advisory: SA32695 Secunia Advisory: SA32721 Secunia Advisory: SA34501 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0978.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11063 MISC FEDORA CONFIRM http://www.mozilla.org/security/announce/2008/mfsa2008-51.html CERT http://www.us-cert.gov/cas/techalerts/TA08-319A.html BID 32281 |
|
| Return to the previous page. |
