CVE-2008-0417

CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.

🔗 References (82)

• secalert@redhathttp://browser.netscape.com/releasenotes/
• secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html
• secalert@redhathttp://secunia.com/advisories/28766
• secalert@redhathttp://secunia.com/advisories/28818
• secalert@redhathttp://secunia.com/advisories/28839
• secalert@redhathttp://secunia.com/advisories/28864
• secalert@redhathttp://secunia.com/advisories/28865
• secalert@redhathttp://secunia.com/advisories/28877
• secalert@redhathttp://secunia.com/advisories/28879
• secalert@redhathttp://secunia.com/advisories/28924
• secalert@redhathttp://secunia.com/advisories/28939
• secalert@redhathttp://secunia.com/advisories/28958
• secalert@redhathttp://secunia.com/advisories/29086
• secalert@redhathttp://secunia.com/advisories/29567
• secalert@redhathttp://secunia.com/advisories/30327