Vulnerabilities

CVE-2008-4066

by Fred · 24/09/2008

Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as demonstrated by a "jav&#56325ascript" sequence, aka "HTML escaped low surrogates bug."

Date published : 2008-09-24

http://www.securityfocus.com/bid/31346

http://download.novell.com/Download?buildid=WZXONb-tqBw~

Similar

Tags: Cybersecurity Alert