{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2008-5507", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20081218 Firefox cross-domain text theft (CESA-2008-011)", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/499353/100/0/threaded" }, { "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461735", "refsource" : "MISC", "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461735" }, { "name" : "http://scary.beasts.org/security/CESA-2008-011.html", "refsource" : "MISC", "url" : "http://scary.beasts.org/security/CESA-2008-011.html" }, { "name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html", "refsource" : "CONFIRM", "url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html" }, { "name" : "DSA-1697", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2009/dsa-1697" }, { "name" : "DSA-1704", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2009/dsa-1704" }, { "name" : "DSA-1707", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2009/dsa-1707" }, { "name" : "DSA-1696", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2009/dsa-1696" }, { "name" : "MDVSA-2008:245", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245" }, { "name" : "MDVSA-2009:012", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012" }, { "name" : "MDVSA-2008:244", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244" }, { "name" : "RHSA-2008:1036", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2008-1036.html" }, { "name" : "RHSA-2008:1037", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2008-1037.html" }, { "name" : "RHSA-2009:0002", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2009-0002.html" }, { "name" : "256408", "refsource" : "SUNALERT", "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "name" : "258748", "refsource" : "SUNALERT", "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1" }, { "name" : "USN-690-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/690-1/" }, { "name" : "USN-690-2", "refsource" : "UBUNTU", "url" : "http://www.ubuntu.com/usn/usn-690-2" }, { "name" : "USN-690-3", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/690-3/" }, { "name" : "USN-701-1", "refsource" : "UBUNTU", "url" : "http://www.ubuntu.com/usn/usn-701-1" }, { "name" : "USN-701-2", "refsource" : "UBUNTU", "url" : "http://www.ubuntu.com/usn/usn-701-2" }, { "name" : "32882", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/32882" }, { "name" : "oval:org.mitre.oval:def:9376", "refsource" : "OVAL", "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9376" }, { "name" : "1021423", "refsource" : "SECTRACK", "url" : "http://www.securitytracker.com/id?1021423" }, { "name" : "33231", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33231" }, { "name" : "33433", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33433" }, { "name" : "33216", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33216" }, { "name" : "33232", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33232" }, { "name" : "33523", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33523" }, { "name" : "33547", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33547" }, { "name" : "33184", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33184" }, { "name" : "33188", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33188" }, { "name" : "33189", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33189" }, { "name" : "33203", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33203" }, { "name" : "33204", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33204" }, { "name" : "33205", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33205" }, { "name" : "33421", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33421" }, { "name" : "33434", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33434" }, { "name" : "34501", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/34501" }, { "name" : "35080", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/35080" }, { "name" : "33408", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33408" }, { "name" : "33415", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/33415" }, { "name" : "ADV-2009-0977", "refsource" : "VUPEN", "url" : "http://www.vupen.com/english/advisories/2009/0977" }, { "name" : "mozilla-javascripturl-infor-disclosure(47413)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47413" } ] } }