CVE-2008-2802

Description

Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."

Software From Fixed in
mozilla / firefox - 2.0.0.14.x
mozilla / firefox 2.0 2.0.x
mozilla / firefox 2.0.0.1 2.0.0.1.x
mozilla / firefox 2.0.0.10 2.0.0.10.x
mozilla / firefox 2.0.0.11 2.0.0.11.x
mozilla / firefox 2.0.0.12 2.0.0.12.x
mozilla / firefox 2.0.0.13 2.0.0.13.x
mozilla / firefox 2.0.0.2 2.0.0.2.x
mozilla / firefox 2.0.0.3 2.0.0.3.x
mozilla / firefox 2.0.0.4 2.0.0.4.x
mozilla / firefox 2.0.0.5 2.0.0.5.x
mozilla / firefox 2.0.0.6 2.0.0.6.x
mozilla / firefox 2.0.0.7 2.0.0.7.x
mozilla / firefox 2.0.0.8 2.0.0.8.x
mozilla / firefox 2.0.0.9 2.0.0.9.x
mozilla / thunderbird - 2.0.0.14.x
mozilla / thunderbird 2.0.0.0 2.0.0.0.x
mozilla / thunderbird 2.0.0.1 2.0.0.1.x
mozilla / thunderbird 2.0.0.11 2.0.0.11.x
mozilla / thunderbird 2.0.0.12 2.0.0.12.x
mozilla / thunderbird 2.0.0.13 2.0.0.13.x
mozilla / thunderbird 2.0.0.2 2.0.0.2.x
mozilla / thunderbird 2.0.0.3 2.0.0.3.x
mozilla / thunderbird 2.0.0.4 2.0.0.4.x
mozilla / thunderbird 2.0.0.5 2.0.0.5.x
mozilla / thunderbird 2.0.0.6 2.0.0.6.x
mozilla / thunderbird 2.0.0.8 2.0.0.8.x
mozilla / thunderbird 2.0.0.9 2.0.0.9.x
mozilla / seamonkey - 1.1.9.x
mozilla / seamonkey 1.1 1.1.x
mozilla / seamonkey 1.1.2 1.1.2.x
mozilla / seamonkey 1.1.3 1.1.3.x
mozilla / seamonkey 1.1.4 1.1.4.x
mozilla / seamonkey 1.1.5 1.1.5.x
mozilla / seamonkey 1.1.6 1.1.6.x
mozilla / seamonkey 1.1.7 1.1.7.x
mozilla / seamonkey 1.1.8 1.1.8.x