CVE-2008-5506

Priority
Description
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x
before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to
bypass the same origin policy by causing the browser to issue an
XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect
to a resource in a different domain, then reading content from the
response, aka "response disclosure."
Notes
Package
Upstream:released (2.0.0.19)
Package
Upstream:released (3.0.5)
Package
Upstream:released (1.1.14)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.14)
Package
Upstream:released (2.0.0.19)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2020-01-29 19:34:03 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)