CVE-2008-1235

Impact:
Critical
Public Date:
2008-03-25
Bugzilla:
438717: CVE-2008-1235 chrome privilege via wrong principal

The MITRE CVE dictionary describes this issue as:

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals."

Find out more about CVE-2008-1235 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Desktop version 5 (thunderbird) RHSA-2008:0209 2008-04-03
Red Hat Enterprise Linux version 5 (firefox) RHSA-2008:0207 2008-03-27
Red Hat Enterprise Linux Optional Productivity Applications version 5 (thunderbird) RHSA-2008:0209 2008-04-03
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2008:0208 2008-03-27
Red Hat Enterprise Linux version 4 (seamonkey) RHSA-2008:0208 2008-03-27
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2008:0209 2008-04-03
Red Hat Enterprise Linux version 4 (firefox) RHSA-2008:0207 2008-03-27
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2008:0208 2008-03-27