CVE-2008-0415
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
mozilla | firefox | 𝑥 ≤ 2.0.0.11 |
mozilla | seamonkey | 𝑥 ≤ 1.1.7 |
mozilla | thunderbird | 𝑥 ≤ 2.0.0.11 |
Ubuntu Releases
Ubuntu Product | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
firefox |
| ||||||||||||
iceape |
| ||||||||||||
icedove |
| ||||||||||||
iceweasel |
| ||||||||||||
mozilla-thunderbird |
| ||||||||||||
seamonkey |
| ||||||||||||
thunderbird |
| ||||||||||||
xulrunner |
|
Common Weakness Enumeration