Red Hat Bugzilla – Bug 463192
CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution
Last modified: 2010-03-22 15:30:54 EDT
Mozilla security researcher moz_bug_r_a4 reported a series of
vulnerabilities by which page content can pollute XPCNativeWrappers and
have arbitrary code run with chrome privileges. One variant reported by
moz_bug_r_a4 only affected Firefox 2.
This bug covers the Firefox 2 variant.
This is from MFSA 2008-41
This is now public
thunderbird-18.104.22.168-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-22.214.171.124-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.