Oval Definition:oval:org.mitre.oval:def:9376
Revision Date:2013-04-29Version:13
Title:Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.
Description:Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-5507
Platform(s):CentOS Linux 3
CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Product(s):
Definition Synopsis
  • OS Section: RHEL3, CentOS3
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • seamonkey-nspr is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-js-debugger is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-nss-devel is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-nspr-devel is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-mail is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-chat is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-devel is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-dom-inspector is earlier than 0:1.0.9-0.29.el3
  • OR seamonkey-nss is earlier than 0:1.0.9-0.29.el3
  • OR OS Section: RHEL4, CentOS4, Oracle Linux 4
  • RHEL4, CentOS4 or Oracle Linux 4
  • The operating system installed on the system is Red Hat Enterprise Linux 4
  • OR CentOS Linux 4.x
  • OR Oracle Linux 4.x
  • AND Configuration section
  • nspr is earlier than 0:4.7.3-1.el4
  • OR seamonkey-js-debugger is earlier than 0:1.0.9-32.el4
  • OR nss is earlier than 0:3.12.2.0-1.el4
  • OR thunderbird is earlier than 0:1.5.0.12-18.el4
  • OR nspr-devel is earlier than 0:4.7.3-1.el4
  • OR seamonkey is earlier than 0:1.0.9-32.el4
  • OR firefox is earlier than 0:3.0.5-1.el4
  • OR nss-devel is earlier than 0:3.12.2.0-1.el4
  • OR seamonkey-mail is earlier than 0:1.0.9-32.el4
  • OR seamonkey-chat is earlier than 0:1.0.9-32.el4
  • OR seamonkey-dom-inspector is earlier than 0:1.0.9-32.el4
  • OR seamonkey-devel is earlier than 0:1.0.9-32.el4
  • OR OS Section: RHEL5, CentOS5, Oracle Linux 5
  • RHEL5, CentOS5 or Oracle Linux 5
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • OR Oracle Linux 5.x
  • AND Configuration section
  • nss-pkcs11-devel is earlier than 0:3.12.2.0-2.el5
  • OR xulrunner-devel is earlier than 0:1.9.0.5-1.el5_2
  • OR nspr is earlier than 0:4.7.3-2.el5
  • OR nss is earlier than 0:3.12.2.0-2.el5
  • OR thunderbird is earlier than 0:2.0.0.19-1.el5_2
  • OR nspr-devel is earlier than 0:4.7.3-2.el5
  • OR xulrunner is earlier than 0:1.9.0.5-1.el5_2
  • OR xulrunner-devel-unstable is earlier than 0:1.9.0.5-1.el5_2
  • OR firefox is earlier than 0:3.0.5-1.el5_2
  • OR nss-devel is earlier than 0:3.12.2.0-2.el5
  • OR nss-tools is earlier than 0:3.12.2.0-2.el5
    • BACK