CVE-2008-2801 (retired)

Priority
Description
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
implement JAR signing, which allows remote attackers to execute arbitrary
code via (1) injection of JavaScript into documents within a JAR archive or
(2) a JAR archive that uses relative URLs to JavaScript files.
Assigned-to
asac
Package
Upstream:released (2.0.0.15)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:released (2.0.0.15)
Package
Upstream:released (1.1.10)
Package
Upstream:needs-triage
More Information

Updated: 2019-08-23 08:33:26 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)