New Search

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

oval:org.mitre.oval:def:9679

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
  • Oracle Linux 4
  • CentOS Linux 5
  • CentOS Linux 3
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2008-4058
Product(s):