CVE-2008-5019
Published: 13 November 2008
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1)
|
| gutsy |
Released
(2.0.0.18+nobinonly-0ubuntu0.7.10)
|
|
| hardy |
Released
(2.0.0.18+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(2.0.0.18)
|
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Released
(3.0.4+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(3.0.4+nobinonly-0ubuntu0.8.10.1)
|
|
| upstream |
Needs triage
|
|
|
iceape Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(1.1.13)
|
|
|
iceweasel Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Released
(1.1.15+nobinonly-0ubuntu0.8.04.2)
|
|
| intrepid |
Released
(1.1.15+nobinonly-0ubuntu0.8.10.2)
|
|
| upstream |
Released
(1.1.13)
|
|
|
xulrunner Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Released
(1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1)
|
|
| hardy |
Released
(1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(1.8.1.16+nobinonly-0ubuntu1)
|
|
| upstream |
Needs triage
|
|
|
xulrunner-1.9 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Released
(1.9.0.4+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(1.9.0.4+nobinonly-0ubuntu0.8.10.1)
|
|
| upstream |
Released
(1.9.0.4)
|