Description
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors.
Exploits
No known exploits found for this CVE.
Search Exploit-DBReferences
secalert@redhat.com
http://download.novell.com/Download?buildid=WZXONb-tqBw~secalert@redhat.com
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlsecalert@redhat.com
http://secunia.com/advisories/31984secalert@redhat.com
http://secunia.com/advisories/31985secalert@redhat.com
http://secunia.com/advisories/32007secalert@redhat.com
http://secunia.com/advisories/32010secalert@redhat.com
http://secunia.com/advisories/32012secalert@redhat.com
http://secunia.com/advisories/32025secalert@redhat.com
http://secunia.com/advisories/32042secalert@redhat.com
http://secunia.com/advisories/32044secalert@redhat.com
http://secunia.com/advisories/32082secalert@redhat.com
http://secunia.com/advisories/32092secalert@redhat.com
http://secunia.com/advisories/32144secalert@redhat.com
http://secunia.com/advisories/32185secalert@redhat.com
http://secunia.com/advisories/32196secalert@redhat.com
http://secunia.com/advisories/32845secalert@redhat.com
http://secunia.com/advisories/33433secalert@redhat.com
http://secunia.com/advisories/33434secalert@redhat.com
http://secunia.com/advisories/34501secalert@redhat.com
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422secalert@redhat.com
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232secalert@redhat.com
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123secalert@redhat.com
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1secalert@redhat.com
http://www.debian.org/security/2008/dsa-1649secalert@redhat.com
http://www.debian.org/security/2008/dsa-1669secalert@redhat.com
http://www.debian.org/security/2009/dsa-1696secalert@redhat.com
http://www.debian.org/security/2009/dsa-1697secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205secalert@redhat.com
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206secalert@redhat.com
http://www.mozilla.org/security/announce/2008/mfsa2008-38.htmlsecalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2008-0882.htmlsecalert@redhat.com
http://www.redhat.com/support/errata/RHSA-2008-0908.htmlsecalert@redhat.com
http://www.securityfocus.com/bid/31346secalert@redhat.com
http://www.securitytracker.com/id?1020919secalert@redhat.com
http://www.ubuntu.com/usn/usn-645-1secalert@redhat.com
http://www.ubuntu.com/usn/usn-645-2secalert@redhat.com
http://www.ubuntu.com/usn/usn-647-1secalert@redhat.com
http://www.vupen.com/english/advisories/2008/2661secalert@redhat.com
http://www.vupen.com/english/advisories/2009/0977secalert@redhat.com
https://bugzilla.mozilla.org/show_bug.cgi?id=439034secalert@redhat.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/45347secalert@redhat.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9643secalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.htmlsecalert@redhat.com
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.htmlaf854a3a-2127-422b-91ae-364da2661108
http://download.novell.com/Download?buildid=WZXONb-tqBw~af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/31984af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/31985af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32007af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32010af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32012af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32025af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32042af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32044af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32082af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32092af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32144af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32185af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32196af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/32845af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33433af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/33434af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/34501af854a3a-2127-422b-91ae-364da2661108
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422af854a3a-2127-422b-91ae-364da2661108
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232af854a3a-2127-422b-91ae-364da2661108
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1649af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2008/dsa-1669af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1696af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2009/dsa-1697af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206af854a3a-2127-422b-91ae-364da2661108
http://www.mozilla.org/security/announce/2008/mfsa2008-38.htmlaf854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0882.htmlaf854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2008-0908.htmlaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/31346af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1020919af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-645-1af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-645-2af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/usn-647-1af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2008/2661af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/0977af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.mozilla.org/show_bug.cgi?id=439034af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/45347af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9643af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.htmlaf854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html