CVE-2008-5019

Priority
Medium
Description
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x
before 2.0.0.18 allows remote attackers to violate the same origin policy
to conduct cross-site scripting (XSS) attacks and execute arbitrary
JavaScript with chrome privileges via unknown vectors.
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5019
http://www.ubuntu.com/usn/usn-667-1
Assigned-to
asac
Package
Source: firefox-3.0 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (3.0.4+nobinonly-0ubuntu0.8.04.1)
Package
Source: firefox (LP Ubuntu Debian)
Upstream:released (2.0.0.18)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.18+nobinonly-0ubuntu0.8.04.1)
Package
Source: iceape (LP Ubuntu Debian)
Upstream:released (1.1.13)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: seamonkey (LP Ubuntu Debian)
Upstream:released (1.1.13)
Ubuntu 8.04 LTS (Hardy Heron):released (1.1.15+nobinonly-0ubuntu0.8.04.2)
Package
Source: xulrunner-1.9 (LP Ubuntu Debian)
Upstream:released (1.9.0.4)
Ubuntu 8.04 LTS (Hardy Heron):released (1.9.0.4+nobinonly-0ubuntu0.8.04.1)
Package
Source: xulrunner (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
Package
Source: iceweasel (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:16 UTC (commit 5347)