Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1234

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-1234
Last Modified 07 Mar 2011 10:06:22
Published 27 Mar 2008 06:44:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1234

Summary

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."

Vulnerable Systems

Application

  • Mozilla Firefox 2.0.0.12

  • Mozilla Seamonkey 1.1.8

  • Mozilla Thunderbird 2.0.0.12


References

CERT - TA08-087A

CERT-VN - VU#466521

FEDORA - FEDORA-2008-3557

FEDORA - FEDORA-2008-3519

VUPEN - ADV-2008-2091

VUPEN - ADV-2008-1793

VUPEN - ADV-2008-0999

VUPEN - ADV-2008-0998

UBUNTU - USN-605-1

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-14.html

MANDRIVA - MDVSA-2008:155

GENTOO - GLSA-200805-18

SUNALERT - 239546

SUNALERT - 238492

SECUNIA - 31043

SECUNIA - 30620

SECUNIA - 30192

SECUNIA - 30105

XF - firefox-eventhandlers-xss(41455)

UBUNTU - USN-592-1

SECTRACK - 1019694

BID - 28448

BUGTRAQ - 20080327 rPSA-2008-0128-1 firefox

REDHAT - RHSA-2008:0209

REDHAT - RHSA-2008:0207

MANDRIVA - MDVSA-2008:080

DEBIAN - DSA-1574

DEBIAN - DSA-1535

DEBIAN - DSA-1534

DEBIAN - DSA-1532

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

SECUNIA - 30370

SECUNIA - 30327

SECUNIA - 30094

SECUNIA - 30016

SECUNIA - 29645

SECUNIA - 29616

SECUNIA - 29607

SECUNIA - 29560

SECUNIA - 29558

SECUNIA - 29550

SECUNIA - 29548

SECUNIA - 29547

SECUNIA - 29541

SECUNIA - 29539

SECUNIA - 29526

SECUNIA - 29391

REDHAT - RHSA-2008:0208

SLACKWARE - SSA:2008-128-02

SUSE - SUSE-SA:2008:019

Related Patches

Novell SUSE 2008:5164 mozilla-xulrunner security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:47:05