CVE-2008-3835

The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.

🔗 References (88)

• secalert@redhathttp://download.novell.com/Download?buildid=WZXONb-tqBw~
• secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
• secalert@redhathttp://secunia.com/advisories/31984
• secalert@redhathttp://secunia.com/advisories/31985
• secalert@redhathttp://secunia.com/advisories/32007
• secalert@redhathttp://secunia.com/advisories/32010
• secalert@redhathttp://secunia.com/advisories/32012
• secalert@redhathttp://secunia.com/advisories/32025
• secalert@redhathttp://secunia.com/advisories/32042
• secalert@redhathttp://secunia.com/advisories/32044
• secalert@redhathttp://secunia.com/advisories/32082
• secalert@redhathttp://secunia.com/advisories/32092
• secalert@redhathttp://secunia.com/advisories/32144
• secalert@redhathttp://secunia.com/advisories/32185
• secalert@redhathttp://secunia.com/advisories/32196