Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-5012
Description:Mozilla Firefox 2.x before, Thunderbird 2.x before, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-5012
BugTraq ID: 32281
BugTraq ID: 32351
Bugtraq: 20081118 Firefox cross-domain image theft (CESA-2008-009) (Google Search)
Cert/CC Advisory: TA08-319A
Debian Security Information: DSA-1669 (Google Search)
Debian Security Information: DSA-1671 (Google Search)
Debian Security Information: DSA-1696 (Google Search)
Debian Security Information: DSA-1697 (Google Search)
RedHat Security Advisories: RHSA-2008:0976
RedHat Security Advisories: RHSA-2008:0977
SuSE Security Announcement: SUSE-SA:2008:055 (Google Search)

© 1998-2021 E-Soft Inc. All rights reserved.