New Search

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.

oval:org.mitre.oval:def:11810

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Oracle Linux 4
  • Red Hat Enterprise Linux 5
  • CentOS Linux 4
  • CentOS Linux 3
  • Red Hat Enterprise Linux 3
  • Oracle Linux 5
  • Red Hat Enterprise Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2008-2801
Product(s):