CVE-2008-5506 (retired)

Priority
Description
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x
before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to
bypass the same origin policy by causing the browser to issue an
XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect
to a resource in a different domain, then reading content from the
response, aka "response disclosure."
Package
Upstream:released (2.0.0.19)
Package
Upstream:released (3.0.5)
Package
Upstream:released (1.1.14)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.14)
Package
Upstream:released (2.0.0.19)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:46:15 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)