← back
CVE-2008-5503

CVE-2008-5503

EPSS 1.5%
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=379959http://secunia.com/advisories/33184http://secunia.com/advisories/33189http://secunia.com/advisories/33204http://secunia.com/advisories/33205http://secunia.com/advisories/33231http://secunia.com/advisories/33232http://secunia.com/advisories/33408http://secunia.com/advisories/33415http://secunia.com/advisories/33421http://secunia.com/advisories/33433http://secunia.com/advisories/33434