Oval Definition:	oval:org.opensuse.security:def:20085012
Revision Date: 2022-06-30 Version: 1 Title: CVE-2008-5012 Description: Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon. Family: unix Class: vulnerability Status: Reference(s): CVE-2008-5012 Mitre CVE-2008-5012 SUSE CVE-2008-5012 openSUSE-SU-2014:1100-1 SUSE-SA:2008:055 Platform(s): Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 Open Enterprise Server openSUSE 10.3 openSUSE 11.0 openSUSE Tumbleweed SUSE Linux Enterprise SDK 10 SP2 Product(s): Definition Synopsis sles10-sp2-sdk is installed AND gecko-sdk less than 1.8.0.14eol-0.9 Definition Synopsis openSUSE Tumbleweed is installed AND Package Information MozillaThunderbird-91.1.1-1.1 is installed OR MozillaThunderbird-translations-common-91.1.1-1.1 is installed OR MozillaThunderbird-translations-other-91.1.1-1.1 is installed
BACK