N/A Published on 2008-07-07

CVE-2008-2806

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java LiveConnect.

EPSS 0.9% percentile 76.2%

Affected tracked apps

Thunderbird

winget:Mozilla.Thunderbird

1 open

Vulnerable CPE configurations

Vendor	Product	Platform	Versions	CPE 2.3 URI
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.4:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.5:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.6:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.9:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.12:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.13:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_.14:::::::*
mozilla	thunderbird	Windows	—	cpe:2.3:a:mozilla:thunderbird:2.0_8:::::::*

View on NVD ↗