CVE-2008-5503
CVE-2008-5503
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://bugzilla.mozilla.org/show_bug.cgi?id=379959http://secunia.com/advisories/33184http://secunia.com/advisories/33189http://secunia.com/advisories/33204http://secunia.com/advisories/33205http://secunia.com/advisories/33231http://secunia.com/advisories/33232http://secunia.com/advisories/33408http://secunia.com/advisories/33415http://secunia.com/advisories/33421http://secunia.com/advisories/33433http://secunia.com/advisories/33434