Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-5023

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

Related bugs and status

CVE-2008-5023 (Candidate) is related to these bugs:

Bug #297789: Seamonkey should be updated to 1.1.13

		In	Importance	Status
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu)	Undecided	Fix Released
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu Hardy)	Critical	Fix Released
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu Intrepid)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugzilla.mozil...
MISC: http://www.securitytra...
MISC: http://sunsolve.sun.co...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://www.debian.org/...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://www.us-cert.gov...
MISC: http://ubuntu.com/usn/...
MISC: http://www.mozilla.org...
MISC: https://oval.cisecurit...