New Search

Firefox 3.x before 3.0.4 Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

oval:org.mitre.oval:def:9908

Firefox 3.x before 3.0.4 Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • CentOS Linux 3
  • CentOS Linux 5
  • Red Hat Enterprise Linux 4
  • CentOS Linux 4
  • Red Hat Enterprise Linux 3
  • Red Hat Enterprise Linux 5
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2008-5023
Product(s):