mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 10:14:49 +02:00
0xMarcio
835 B
835 B
CVE-2008-5023
Description
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.
POC
Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=424733
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9908
Github
No PoCs found on GitHub currently.