CVE-2008-4582 – Mozilla Firefox 3.0.3 - Internet Shortcut Same Origin Policy Violation
https://notcve.org/view.php?id=CVE-2008-4582
Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory and (b) about:cache?device=disk, a variant of CVE-2008-2810. Mozilla Firefox 3.0.1 hasta la versión 3.0.3, Firefox 2.x en versiones anteriores a 2.0.0.18 y SeaMonkey 1.x en versiones anteriores a 1.1.13, cuando se ejecuta en Windows, no identifican correctamente el contexto de los archivos de acceso directo de Windows .url, lo que permite a atacantes remotos asistidos por usuario eludir la Same Origin Policy y obtener información sensible a través de un documento HTML que es accesible directamente a través de un sistema de archivos, como se demuestra por los documentos en (1) carpetas locales, (2) carpetas compartidas de Windows y (3) archivos RAR y como se demuestra por IFRAMEs referenciando shortcuts que apuntan a (a) about:cache?device=memory y (b) about:cache? • https://www.exploit-db.com/exploits/32466 http://liudieyu0.blog124.fc2.com/blog-entry-6.html http://secunia.com/advisories/32192 http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32714 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/32845 http://secunia.com/advisories/32853 http://secunia.com/advisories/33433 http://secunia.com/advisories/33434 http://secunia.com • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4577 – dovecot: incorrect handling of negative rights in the ACL plugin
https://notcve.org/view.php?id=CVE-2008-4577
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions. El plugin ACL en Dovecot anterior a 1.1.4 amenaza los derechos del acceso negativo como si fueran derechos de acceso positivos, lo que permite a atacantes evitar las restricciones de acceso previstas. • http://bugs.gentoo.org/show_bug.cgi?id=240409 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://secunia.com/advisories/32164 http://secunia.com/advisories/32471 http://secunia.com/advisories/33149 http://secunia.com/advisories/33624 http://secunia.com/advisories/36904 http://security.gentoo.org/glsa/glsa-200812-16.xml http://www.dovecot.org/list/dovecot-news/2008-October/000085.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:232& • CWE-863: Incorrect Authorization •
CVE-2008-3837 – mozilla: Forced mouse drag
https://notcve.org/view.php?id=CVE-2008-3837
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823. Firefox de Mozilla antes de 2.0.0.17 y 3.x antes de 3.0.2 y SeaMonkey antes de 1.1.12, permiten a atacantes remotos ayudados por el usuario mover una ventana durante un click de ratón y posiblemente forzar una descarga de archivos u otras acciones "arrastrar y soltar", mediante una acción onmousedown manipulada que llama a window.moveBy, una variante de CVE-2003-0823. • http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html http://secunia.com/advisories/31984 http://secunia.com/advisories/31985 http://secunia.com/advisories/31987 http://secunia.com/advisories/32010 http://secunia.com/advisories/32011 http://secunia.com/advisories/32012 http://secunia.com/advisories/32042 http://secunia.com/advisories/32044 http://secunia.com/advisories/32089 http://secunia.com/advisorie •
CVE-2008-4058 – Mozilla privilege escalation via XPCnativeWrapper pollution
https://notcve.org/view.php?id=CVE-2008-4058
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS. El componente XPConnect en Mozilla Firefox antes de 2.0.0.17 y 3.x antes de 3.0.2, Thunderbird antes de 2.0.0.17 y SeaMonkey before 1.1.12 permite a atacantes remotos "contaminar XPCNativeWrappers" y ejecutar código de su elección con privilegios chrome mediante vectores relacionados con (1) chrome XBL y (2) chrome JS. • http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html http://secunia.com/advisories/31984 http://secunia.com/advisories/31985 http://secunia.com/advisories/31987 http://secunia.com/advisories/32007 http://secunia.com/advisories/32010 http://secunia.com/advisories/32011 http://secunia.com/advisories/32012 http://secunia.com/advisories/32025 http://secunia.com/advisories/32042 http://secunia.com/advisorie • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4063 – Mozilla crashes with evidence of memory corruption
https://notcve.org/view.php?id=CVE-2008-4063
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames. Múltiples vulnerabilidades sin especificar en Mozilla Firefox 3.x antes de 3.0.2 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección mediante vectores relacionados con el motor de diseño y (1) un valor cero de la variable "this" en la función nsContentList::Item; (2) la interacción de la extensión indic IME, una selección de lenguaje Hindú, y el caracter "g"; y (3) la interacción en la función nsFrameList::SortByContentOrder con una cierta protección insuficiente de marcos inline. • http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html http://secunia.com/advisories/31987 http://secunia.com/advisories/32011 http://secunia.com/advisories/32012 http://secunia.com/advisories/32025 http://secunia.com/advisories/32044 http://secunia.com/advisories/32082 http://secunia.com/advisories/32089 http://secunia.com/advisories/32095 http://secunia.com/advisories/32096 http://secunia.com/advisories/32196 http://secunia.com/advisories/34501 http:// •