CVE-2008-5019 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5019
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5019

Description: The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 ST 1021184 SAID Secunia Advisory: SA32695 Secunia Advisory: SA32693 Secunia Advisory: SA32694 Secunia Advisory: SA32721 Secunia Advisory: SA34501 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0977.html http://www.redhat.com/support/errata/RHSA-2008-0978.html MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 FEDORA CONFIRM http://www.mozilla.org/security/announce/2008/mfsa2008-53.html CERT http://www.us-cert.gov/cas/techalerts/TA08-319A.html BID 32281

Return to the previous page.