CVE-2008-5023
Published: 13 November 2008
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
dapper |
Released
(1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1)
|
| gutsy |
Released
(2.0.0.18+nobinonly-0ubuntu0.7.10)
|
|
| hardy |
Released
(2.0.0.18+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(2.0.0.18)
|
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Released
(3.0.4+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(3.0.4+nobinonly-0ubuntu0.8.10.1)
|
|
| upstream |
Needs triage
|
|
|
iceape Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Released
(1.1.13)
|
|
|
iceweasel Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Released
(1.1.15+nobinonly-0ubuntu0.8.04.2)
|
|
| intrepid |
Released
(1.1.15+nobinonly-0ubuntu0.8.10.2)
|
|
| upstream |
Released
(1.1.13)
|
|
|
xulrunner Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Released
(1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1)
|
|
| hardy |
Released
(1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(1.8.1.16+nobinonly-0ubuntu1)
|
|
| upstream |
Needs triage
|
|
|
xulrunner-1.9 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Needed
(reached end-of-life)
|
|
| hardy |
Released
(1.9.0.4+nobinonly-0ubuntu0.8.04.1)
|
|
| intrepid |
Released
(1.9.0.4+nobinonly-0ubuntu0.8.10.1)
|
|
| upstream |
Released
(1.9.0.4)
|