Upstream information
Description
feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.SUSE information
Overall state of this security issue: Ignore
This issue is currently rated as having important severity.
National Vulnerability Database | |
---|---|
Base Score | 7.5 |
Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | Partial |
Availability Impact | Partial |
- SUSE-SA:2008:050, published Wed, 08 Oct 2008 16:00:00 +0000
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Server 11 SP1 |
| Patchnames: SUSE Linux Enterprise Server 11 SP1 GA MozillaFirefox SUSE Linux Enterprise Server 11 SP1 GA mozilla-xulrunner190 |
SUSE Linux Enterprise Server 11 SP2 |
| Patchnames: SUSE Linux Enterprise Server 11 SP2 GA MozillaFirefox |
SUSE Linux Enterprise Server 11 SP3 |
| Patchnames: SUSE Linux Enterprise Server 11 SP3 GA MozillaFirefox |
SUSE Linux Enterprise Server 11 SP4 |
| Patchnames: SUSE Linux Enterprise Server 11 SP4 GA MozillaFirefox |
SUSE Linux Enterprise Software Development Kit 11 SP4 |
| Patchnames: SUSE Linux Enterprise Software Development Kit 11 SP4 GA MozillaFirefox-devel |
SUSE Linux Enterprise SDK 10 SP2 |
|
sled10-sp2.x86 sle10-sp1-sdk.x86 sles10.x86 sle10-sp2-sdk.x86 sles10.ppc sle10-sp1-sdk.s390x sled10.x86 sled10-sp2.x86-64 sle10-sp1-sdk.ppc sles10-sp2.ia64 sles10-sp2.ppc sles10.ia64 sles10-sp2.s390x sle10-sp1-sdk.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.x86-64 sles10.x86-64 sled10.x86-64 sles10-sp2.x86 sles10.s390x sle10-sp1-sdk.ia64 sle10-sp2-sdk.s390x sle10-sp2-sdk.ppc ZYPP Patch Nr: 5654 |
openSUSE 11.0 |
| |
openSUSE 11.0 |
| |
Novell Linux Desktop 9 for x86 |
|
sles9-nld.x86 sles9-nld.x86-64 sles9-nlpos.x86 core9.ppc core9.x86-64 core9.ia64 core9.s390 core9.s390x sles9-oes.x86 core9.x86 YOU Patch Nr: 12264 |
Novell Linux Desktop 9 for x86_64 |
|
sles9-nld.x86 sles9-nld.x86-64 sles9-nlpos.x86 core9.ppc core9.x86-64 core9.ia64 core9.s390 core9.s390x sles9-oes.x86 core9.x86 YOU Patch Nr: 12264 |
Open Enterprise Server |
|
sles9-nld.x86 sles9-nld.x86-64 sles9-nlpos.x86 core9.ppc core9.x86-64 core9.ia64 core9.s390 core9.s390x sles9-oes.x86 core9.x86 YOU Patch Nr: 12264 |
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64 |
|
sles9-nld.x86-64 sles9-nld.x86 YOU Patch Nr: 12263 |