Unrated severityNVD Advisory· Published Feb 8, 2008· Updated Apr 23, 2026
CVE-2008-0415
CVE-2008-0415
Description
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.load function, aka "JavaScript privilege escalation bugs."
Affected products
3Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
65- browser.netscape.com/releasenotes/nvd
- lists.opensuse.org/opensuse-security-announce/2008-02/msg00006.htmlnvd
- secunia.com/advisories/28754nvd
- secunia.com/advisories/28758nvd
- secunia.com/advisories/28766nvd
- secunia.com/advisories/28808nvd
- secunia.com/advisories/28815nvd
- secunia.com/advisories/28818nvd
- secunia.com/advisories/28839nvd
- secunia.com/advisories/28864nvd
- secunia.com/advisories/28865nvd
- secunia.com/advisories/28877nvd
- secunia.com/advisories/28879nvd
- secunia.com/advisories/28924nvd
- secunia.com/advisories/28939nvd
- secunia.com/advisories/28958nvd
- secunia.com/advisories/29049nvd
- secunia.com/advisories/29086nvd
- secunia.com/advisories/29098nvd
- secunia.com/advisories/29164nvd
- secunia.com/advisories/29167nvd
- secunia.com/advisories/29211nvd
- secunia.com/advisories/29567nvd
- secunia.com/advisories/30327nvd
- secunia.com/advisories/30620nvd
- secunia.com/advisories/31043nvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- sunsolve.sun.com/search/document.donvd
- support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.htmlnvd
- wiki.rpath.com/Advisories:rPSA-2008-0051nvd
- wiki.rpath.com/Advisories:rPSA-2008-0093nvd
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0093nvd
- www.debian.org/security/2008/dsa-1484nvd
- www.debian.org/security/2008/dsa-1485nvd
- www.debian.org/security/2008/dsa-1489nvd
- www.debian.org/security/2008/dsa-1506nvd
- www.gentoo.org/security/en/glsa/glsa-200805-18.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.mozilla.org/security/announce/2008/mfsa2008-03.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0103.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0104.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0105.htmlnvd
- www.securityfocus.com/archive/1/487826/100/0/threadednvd
- www.securityfocus.com/archive/1/488002/100/0/threadednvd
- www.securityfocus.com/archive/1/488971/100/0/threadednvd
- www.securityfocus.com/bid/27683nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-576-1nvd
- www.ubuntu.com/usn/usn-582-1nvd
- www.ubuntu.com/usn/usn-582-2nvd
- www.vupen.com/english/advisories/2008/0453/referencesnvd
- www.vupen.com/english/advisories/2008/0454/referencesnvd
- www.vupen.com/english/advisories/2008/0627/referencesnvd
- www.vupen.com/english/advisories/2008/1793/referencesnvd
- www.vupen.com/english/advisories/2008/2091/referencesnvd
- bugzilla.mozilla.org/buglist.cginvd
- issues.rpath.com/browse/RPL-1995nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9897nvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00274.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00309.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00381.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00905.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00946.htmlnvd
News mentions
0No linked articles in our index yet.