CVE-2008-4059

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.

🔗 References (88)

• secalert@redhathttp://download.novell.com/Download?buildid=WZXONb-tqBw~
• secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
• secalert@redhathttp://secunia.com/advisories/31984
• secalert@redhathttp://secunia.com/advisories/31985
• secalert@redhathttp://secunia.com/advisories/32007
• secalert@redhathttp://secunia.com/advisories/32010
• secalert@redhathttp://secunia.com/advisories/32012
• secalert@redhathttp://secunia.com/advisories/32025
• secalert@redhathttp://secunia.com/advisories/32042
• secalert@redhathttp://secunia.com/advisories/32044
• secalert@redhathttp://secunia.com/advisories/32082
• secalert@redhathttp://secunia.com/advisories/32092
• secalert@redhathttp://secunia.com/advisories/32144
• secalert@redhathttp://secunia.com/advisories/32185
• secalert@redhathttp://secunia.com/advisories/32196