Vulnerabilities

CVE-2008-5503

by Fred · 17/12/2008

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.

Date published : 2008-12-17

http://www.securityfocus.com/bid/32882

http://www.mozilla.org/security/announce/2008/mfsa2008-61.html

Similar

Tags: Cybersecurity Alert