Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2008-12-17T23:00:00
Updated: 2018-10-03T20:57:01
Reserved: 2008-12-12T00:00:00
Link: CVE-2008-5506
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-12-17T23:30:00.563
Modified: 2018-11-08T20:12:00.137
Link: CVE-2008-5506
JSON object: View
Redhat Information
No data.
CWE