CVE-2008-5022
CVE-2008-5022
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=460002http://secunia.com/advisories/32684http://secunia.com/advisories/32693http://secunia.com/advisories/32694http://secunia.com/advisories/32695http://secunia.com/advisories/32713http://secunia.com/advisories/32714http://secunia.com/advisories/32715http://secunia.com/advisories/32721http://secunia.com/advisories/32778http://secunia.com/advisories/32798