CVE-2008-0593 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2008-0593
Status Candidate
Description Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.
Phase Assigned (05.02.2008)
SecurityVulns: Mozilla Firefox / Thunderbird / Seamonkey multiple security vulonerabilities
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0593
References BID : 27683
BUGTRAQ : 20080209 rPSA-2008-0051-1 firefox
CONFIRM : http://wiki.rpath.com/Advisories:rPSA-2008-0051
CONFIRM : http://www.mozilla.org/security/announce/2008/mfsa...
CONFIRM : https://bugzilla.mozilla.org/show_bug.cgi?id=397427
DEBIAN : DSA-1484
DEBIAN : DSA-1485
DEBIAN : DSA-1489
FRSIRT : ADV-2008-0453
REDHAT : RHSA-2008:0103
REDHAT : RHSA-2008:0104
REDHAT : RHSA-2008:0105
SECTRACK : 1019341
SECUNIA : 28754
SECUNIA : 28758
SECUNIA : 28766
SECUNIA : 28815
SECUNIA : 28818
SECUNIA : 28839
SECUNIA : 28864
SECUNIA : 28865
SECUNIA : 28877
SECUNIA : 28879
UBUNTU : USN-576-1

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin