CVE-2008-3835 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-3835 Interim 1 8 2023-12-09T02:08:30Z current 2021-05-30T12:43:42Z 2023-12-09T02:08:30Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-3835 The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV/#2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV E-Mail link for SUSE-SA:2008:050 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE/#LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE E-Mail link for openSUSE-SU-2014:1100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed MozillaThunderbird-91.1.1-1.1 MozillaThunderbird-translations-common-91.1.1-1.1 MozillaThunderbird-translations-other-91.1.1-1.1 MozillaThunderbird-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-common-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-other-91.1.1-1.1 as a component of openSUSE Tumbleweed The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vectors. CVE-2008-3835 openSUSE Tumbleweed:MozillaThunderbird-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-common-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-other-91.1.1-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P