← back
CVE-2008-5023

CVE-2008-5023

EPSS 3.3%
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=424733http://secunia.com/advisories/32684http://secunia.com/advisories/32693http://secunia.com/advisories/32694http://secunia.com/advisories/32695http://secunia.com/advisories/32713http://secunia.com/advisories/32714http://secunia.com/advisories/32721http://secunia.com/advisories/32778http://secunia.com/advisories/32845http://secunia.com/advisories/32853