CVE-2008-5506

Priority
Low
Description
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x
before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to
bypass the same origin policy by causing the browser to issue an
XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect
to a resource in a different domain, then reading content from the
response, aka "response disclosure."
References
Package
Upstream:released (3.0.5)
Ubuntu 8.04 LTS (Hardy Heron):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (2.0.0.19)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.19+nobinonly1-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.04 (Natty Narwhal):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.10 (Oneiric Ocelot):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Package
Upstream:released (1.1.14)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (1.1.14)
Ubuntu 8.04 LTS (Hardy Heron):released (1.1.15+nobinonly-0ubuntu0.8.04.2)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.1.15+nobinonly-0ubuntu2)
Ubuntu 11.04 (Natty Narwhal):released (1.1.15+nobinonly-0ubuntu2)
Ubuntu 11.10 (Oneiric Ocelot):released (1.1.15+nobinonly-0ubuntu2)
Package
Upstream:released (2.0.0.19)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.19+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.0.0.19+nobinonly-0ubuntu1)
Ubuntu 11.04 (Natty Narwhal):released (2.0.0.19+nobinonly-0ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot):released (2.0.0.19+nobinonly-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.9.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:22 UTC (commit 5347)