Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) characters that are removed from JavaScript code before execution, aka "Stripped BOM characters bug."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2008-09-24T18:00:00
Updated: 2017-09-28T12:57:01
Reserved: 2008-09-12T00:00:00
Link: CVE-2008-4065
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-09-24T20:37:04.703
Modified: 2018-11-01T16:22:52.453
Link: CVE-2008-4065
JSON object: View
Redhat Information
No data.
CWE