Aller au contenu
appaloosa scout logo main rounded
N/A

CVE-2008-2803

EN The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.

EPSS 6.4% percentile 91.1%

Apps suivies affectées

Thunderbird
winget:Mozilla.Thunderbird
1 ouverte

Configurations CPE vulnérables

Vendor Produit Plateforme Versions CPE 2.3 URI
mozilla thunderbird Windows ≤2.0.0.14 cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
mozilla thunderbird Windows cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*
Voir sur NVD ↗