CVE-2008-5024
CVE-2008-5024
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=453915http://secunia.com/advisories/32684http://secunia.com/advisories/32693http://secunia.com/advisories/32694http://secunia.com/advisories/32695http://secunia.com/advisories/32713http://secunia.com/advisories/32714http://secunia.com/advisories/32715http://secunia.com/advisories/32721http://secunia.com/advisories/32778http://secunia.com/advisories/32798