Red Hat Bugzilla – Bug 463192
CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution
Last modified: 2010-03-22 15:30:54 EDT
Mozilla security researcher moz_bug_r_a4 reported a series of
vulnerabilities by which page content can pollute XPCNativeWrappers and
have arbitrary code run with chrome privileges. One variant reported by
moz_bug_r_a4 only affected Firefox 2.
This bug covers the Firefox 2 variant.
This is from MFSA 2008-41
This is now public
thunderbird-184.108.40.206-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-220.127.116.11-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.