what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2008-1234

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."

Related Files

Mandriva Linux Security Advisory 2008-155
Posted Jul 28, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16. This update provides the latest Thunderbird to correct these issues. It also provides Thunderbird 2.x for Corporate 3.0 systems. The previous update provided the incorrect version of the enigmail locale files. This version correctly builds them for Thunderbird 2.0.0.16.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811
SHA-256 | dbca2c291e326b6ba9c90f4a0212519e0799cfb0cfa010fc788bf50a34fa8c40
Mandriva Linux Security Advisory 2008-155
Posted Jul 26, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811
SHA-256 | 1a1feb90c9988e61bcb518e33f6acd3b11f0f3d648503d3f2efaccfd1b4f80c9
Gentoo Linux Security Advisory 200805-18
Posted May 20, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-18 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.14 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-4879, CVE-2008-0304, CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235
SHA-256 | 0be1f28cc28c33f9527f262fab77a030b56ac3b42790cbcd8cb8957fadd87d38
Debian Linux Security Advisory 1574-1
Posted May 12, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1574-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. "moz_bug_r_a4" discovered that variants of CVE-2007-3738 and CVE-2007-5338 allow the execution of arbitrary code through XPCNativeWrapper. "moz_bug_r_a4" discovered that insecure handling of event handlers could lead to cross-site scripting. Boris Zbarsky, Johnny Stenback, and "moz_bug_r_a4" discovered that incorrect principal handling can lead to cross-site scripting and the execution of arbitrary code. Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats Palmgren discovered crashes in the layout engine, which might allow the execution of arbitrary code. "georgi", "tgirmann" and Igor Bukanov discovered crashes in the Javascript engine, which might allow the execution of arbitrary code.

tags | advisory, remote, arbitrary, javascript, vulnerability, xss
systems | linux, debian
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237
SHA-256 | 867d2fd1761cc34c6ec290e3c113c0014359a848ac9c6f97e6a95879044031b3
Ubuntu Security Notice 605-1
Posted May 6, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 605-1 - Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Several problems were discovered in Thunderbird which could lead to crashes and memory corruption. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker may be able to execute arbitrary code with the user's privileges.

tags | advisory, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237
SHA-256 | b9c42ae554ce07a1d196256555df7f1305a5753dae6ea156362310e38f7087b4
Debian Linux Security Advisory 1534-2
Posted Apr 24, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1534-2 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. Second advisory released as a regression in mailnews handling has been fixed.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-4879, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | 0fb2b2835fb14979cbfd88d025ebea806c302f1580c57ee600cbdbb0f2011131
Debian Linux Security Advisory 1535-1
Posted Mar 31, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1535-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2007-4879, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | 8359535a11fc6db1a21f14b95091f1e3129e608fbb944ba9bd3427409e18103f
Mandriva Linux Security Advisory 2008-080
Posted Mar 29, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.13.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-4879, CVE-2008-1195, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | 4cdbe2dddc54456562e182712bb2c4a9e7096e9c916659c503d087a3ba656cd1
Debian Linux Security Advisory 1534-1
Posted Mar 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1534-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-4879, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | da9f4d2a464b27e37b1afa1be3ec9ac6368ef77f044788da8f8fdd28c0dcb65d
Debian Linux Security Advisory 1532-1
Posted Mar 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1532-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-4879, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | e88833628aa16e9976c86303172989887749f3e77a661e412e97078bf5dc631e
Ubuntu Security Notice 592-1
Posted Mar 26, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 592-1 - A ridiculous amount of vulnerabilities in Firefox have been addressed in this advisory for Ubuntu.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4879, CVE-2008-0416, CVE-2008-1195, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241
SHA-256 | b07c0e96e68ab81ecf155d01fffd3b142f8726c133c09cc6e3cb2bf3de2ffa13
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close