Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-5023

Опубликовано: 13 нояб. 2008
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5

Описание

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1
devel

DNE

gutsy

released

2.0.0.18+nobinonly-0ubuntu0.7.10
hardy

released

2.0.0.18+nobinonly-0ubuntu0.8.04.1
intrepid

DNE

upstream

released

2.0.0.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0.4+nobinonly-0ubuntu2
gutsy

ignored

end of life, was needed
hardy

released

3.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

3.0.4+nobinonly-0ubuntu0.8.10.1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

ignored

end of life, was needed
hardy

DNE

intrepid

DNE

upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.1.13+nobinonly-0ubuntu1
gutsy

DNE

hardy

released

1.1.15+nobinonly-0ubuntu0.8.04.2
intrepid

released

1.1.15+nobinonly-0ubuntu0.8.10.2
upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.1.16+nobinonly-0ubuntu1
gutsy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1
hardy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1
intrepid

released

1.8.1.16+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.0.4+nobinonly-0ubuntu1
gutsy

ignored

end of life, was needed
hardy

released

1.9.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.4+nobinonly-0ubuntu0.8.10.1
upstream

released

1.9.0.4

Показывать по

Ссылки на источники

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-5023

redhat
больше 16 лет назад

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

nvd логотип

CVE-2008-5023

nvd
больше 16 лет назад

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

debian логотип

CVE-2008-5023

debian
больше 16 лет назад

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1 ...

github логотип

GHSA-w4jm-xq46-3m5g

github
около 3 лет назад

Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.

oracle-oval логотип

ELSA-2008-0978

oracle-oval
больше 16 лет назад

ELSA-2008-0978: firefox security update (CRITICAL)

7.5 High

CVSS2

Уязвимость CVE-2008-5023