CVE-2008-5015
CVSS v2.0
5.1 (Medium)
EPSS
2.30 % (90th)
Affected Products
1
Advisories
6
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
Weaknesses
- CWE-94
- Improper Control of Generation of Code ('Code Injection')
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2008-11-13 11:30:01
(16 years ago) - Updated Date
-
2017-09-29 01:32:25
(7 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...