CVE-2008-2801 (retired)

Priority
Description
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly
implement JAR signing, which allows remote attackers to execute arbitrary
code via (1) injection of JavaScript into documents within a JAR archive or
(2) a JAR archive that uses relative URLs to JavaScript files.
Assigned-to
asac
Notes
Package
Upstream:released (2.0.0.15)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:released (2.0.0.15)
Package
Upstream:released (1.1.10)
Package
Upstream:needs-triage
More Information

Updated: 2019-10-09 07:11:12 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)