Vulnerabilities

CVE-2008-5022

by Fred · 13/11/2008

The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrary script via multiple listeners, which bypass the inner window check.

Date published : 2008-11-13

http://www.securityfocus.com/bid/32281

http://www.us-cert.gov/cas/techalerts/TA08-319A.html

Similar

Tags: Cybersecurity Alert