CVE-2008-0417 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2008-0417
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-0417

Description: CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-576-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 ST 1019334 SAID Secunia Advisory: SA28924 Secunia Advisory: SA28879 Secunia Advisory: SA28877 Secunia Advisory: SA28865 Secunia Advisory: SA28864 Secunia Advisory: SA28839 Secunia Advisory: SA28766 Secunia Advisory: SA28818 Secunia Advisory: SA28939 Secunia Advisory: SA28958 Secunia Advisory: SA29086 Secunia Advisory: SA29567 Secunia Advisory: SA30327 Secunia Advisory: SA30620 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0104.html http://www.redhat.com/support/errata/RHSA-2008-0103.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:048 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1489 http://www.debian.org/security/2008/dsa-1506 http://www.debian.org/security/2008/dsa-1485 http://www.debian.org/security/2008/dsa-1484 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0051 http://browser.netscape.com/releasenotes/ http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html http://www.mozilla.org/security/announce/2008/mfsa2008-04.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488002/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/487826/100/0/threaded BID 27683

Return to the previous page.