Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-5019

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

Related bugs and status

CVE-2008-5019 (Candidate) is related to these bugs:

Bug #297789: Seamonkey should be updated to 1.1.13

		In	Importance	Status
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu)	Undecided	Fix Released
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu Hardy)	Critical	Fix Released
297789	Seamonkey should be updated to 1.1.13	seamonkey (Ubuntu Intrepid)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://sunsolve.sun.co...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: http://www.redhat.com/...
MISC: http://www.redhat.com/...
MISC: http://lists.opensuse....
MISC: http://www.us-cert.gov...
MISC: http://ubuntu.com/usn/...
MISC: http://www.mozilla.org...
MISC: https://bugzilla.mozil...
MISC: https://oval.cisecurit...