CVE-2008-5506 Information

Description

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."

Reference

http://secunia.com/advisories/33184
http://secunia.com/advisories/33188
http://secunia.com/advisories/33189
http://secunia.com/advisories/33203
http://secunia.com/advisories/33204
http://secunia.com/advisories/33205
http://secunia.com/advisories/33216
http://secunia.com/advisories/33231
http://secunia.com/advisories/33232
http://secunia.com/advisories/33408
http://secunia.com/advisories/33415
http://secunia.com/advisories/33421
http://secunia.com/advisories/33433
http://secunia.com/advisories/33434
http://secunia.com/advisories/33523
http://secunia.com/advisories/33547
http://secunia.com/advisories/34501
http://secunia.com/advisories/35080
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
http://www.debian.org/security/2009/dsa-1696
http://www.debian.org/security/2009/dsa-1697
http://www.debian.org/security/2009/dsa-1704
http://www.debian.org/security/2009/dsa-1707
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.redhat.com/support/errata/RHSA-2008-1037.html
http://www.redhat.com/support/errata/RHSA-2009-0002.html
http://www.securityfocus.com/bid/32882
http://www.securitytracker.com/id?1021427
http://www.ubuntu.com/usn/usn-690-2
http://www.ubuntu.com/usn/usn-701-1
http://www.ubuntu.com/usn/usn-701-2
http://www.vupen.com/english/advisories/2009/0977
https://bugzilla.mozilla.org/show_bug.cgi?id=458248
https://exchange.xforce.ibmcloud.com/vulnerabilities/47412
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10512
https://usn.ubuntu.com/690-1/
https://usn.ubuntu.com/690-3/
