Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21046
HistoryDec 18, 2008 - 12:00 a.m.

Mozilla Foundation Security Advisory 2008-63

2008-12-1800:00:00
vulners.com
30
JSON

Mozilla Foundation Security Advisory 2008-63

Title: User tracking via XUL persist attribute
Impact: Low
Announced: December 16, 2008
Reporter: Hish
Products: Firefox

Fixed in: Firefox 3.0.5
Description

Security researcher Hish reported that the persist attribute in XUL elements can be used to store cookie-like information on a user's computer which could later be read by a website. This creates a privacy issue for users who have a non-standard cookie preference and wish to prevent sites from setting cookies on their machine. Even with cookies turned off, this issue could be used by a website to write persistent data in a user's browser and track the user across browsing sessions. Additionally, this issue could allow a website to bypass the limits normally placed on cookie size and number.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=295994
* CVE-2008-5505

Related

cve 1
prion 1
veracode 1
mozilla 1
ubuntucve 1
openvas 97
nessus 15
fedora 40
ubuntu 1
redhat 1
oraclelinux 1
centos 1
suse 2
securityvulns 1
freebsd 1
gentoo 1
cve
cve
CVE-2008-5505
2008-12-17 23:30:00
prion
prion
Design/Logic Flaw
2008-12-17 23:30:00
veracode
veracode
Information Disclosure
2020-04-10 00:29:53
mozilla
mozilla
User tracking via XUL persist attribute — Mozilla
2008-12-16 00:00:00
ubuntucve
ubuntucve
CVE-2008-5505
2008-12-17 00:00:00
openvas
openvas
Fedora Update for mugshot FEDORA-2008-11598
2009-02-13 00:00:00
Fedora Update for mozvoikko FEDORA-2008-11511
2009-02-13 00:00:00
Fedora Update for firefox FEDORA-2008-11598
2009-02-13 00:00:00
nessus
nessus
openSUSE Security Update : MozillaFirefox (MozillaFirefox-381)
2009-07-21 00:00:00
Ubuntu 8.04 LTS / 8.10 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-690-1)
2009-04-23 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-381)
2009-07-21 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: mozvoikko-0.9.5-5.fc10
2008-12-21 08:30:35
[SECURITY] Fedora 9 Update: chmsee-1.0.1-7.fc9
2008-12-21 08:37:20
[SECURITY] Fedora 9 Update: xulrunner-1.9.0.5-1.fc9
2008-12-21 08:37:20
ubuntu
ubuntu
Firefox and xulrunner vulnerabilities
2008-12-17 00:00:00
redhat
redhat
(RHSA-2008:1036) Critical: firefox security update
2008-12-16 00:00:00
oraclelinux
oraclelinux
firefox security update
2008-12-17 00:00:00
centos
centos
firefox, nspr, nss, seamonkey, xulrunner security update
2008-12-21 23:29:01
suse
suse
remote code execution in MozillaFirefox,seamonkey
2008-12-19 13:50:24
remote code execution in MozillaFirefox,MozillaThunderbird,mozilla
2009-01-14 11:55:45
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple seucrity vulnerabilities
2008-12-19 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-12-17 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
JSON
Related for SECURITYVULNS:DOC:21046
cve1prion1veracode1mozilla1ubuntucve1openvas97nessus15fedora40ubuntu1redhat1oraclelinux1centos1suse2securityvulns1freebsd1gentoo1