Mozilla developer Justin Dolske discovered that malicious sites, upon a user saving his or her password, could inject newlines into Firefox's password store and corrupt saved passwords for other sites.
Workaround

Do not ask Firefox to save passwords on untrusted sites until a version containing these fixes can be installed.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=394610
* CVE-2008-0417

cve 1

veracode 1

prion 1

ubuntucve 1

mozilla 1

openvas 73

nessus 30

fedora 32

seebug 1

securityvulns 1

centos 3

suse 1

debian 6

oraclelinux 2

redhat 2

osv 3

freebsd 1

ubuntu 1

gentoo 1

cve

CVE-2008-0417

2008-02-08 22:00:00

veracode

Privilege Escalation

2020-04-10 00:19:46

prion

Crlf injection

2008-02-08 22:00:00

ubuntucve

CVE-2008-0417

2008-02-08 00:00:00

mozilla

Stored password corruption — Mozilla

2008-02-07 00:00:00

openvas

CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64

2009-02-27 00:00:00

CentOS Update for firefox CESA-2008:0103 centos5 x86_64

2009-02-27 00:00:00

CentOS Update for seamonkey CESA-2008:0104 centos4 x86_64

2009-02-27 00:00:00

nessus

Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64

2012-08-01 00:00:00

Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

2012-08-01 00:00:00

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5001)

2008-02-14 00:00:00

fedora

[SECURITY] Fedora 8 Update: seamonkey-1.1.8-1.fc8

2008-02-13 04:53:43

[SECURITY] Fedora 7 Update: seamonkey-1.1.8-1.fc7

2008-02-13 15:10:50

[SECURITY] Fedora 7 Update: epiphany-extensions-2.18.3-7

2008-02-13 04:51:06

seebug

Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.12修复多个安全漏洞

2008-02-22 00:00:00

securityvulns

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulonerabilities

2008-02-11 00:00:00

centos

firefox security update

2008-02-08 19:18:05

seamonkey security update

2008-02-11 00:20:26

seamonkey security update

2008-02-08 19:04:30

suse

remote code execution in MozillaFirefox,seamonkey

2008-02-15 17:07:07

debian

[SECURITY] [DSA 1506-1] New iceape packages fix several vulnerabilities

2008-02-24 12:30:41

[SECURITY] [DSA 1506-2] New iceape packages fix regression

2008-03-20 01:41:06

[SECURITY] [DSA 1484-1] New xulrunner packages fix several vulnerabilities

2008-02-10 20:23:48

oraclelinux

Critical: firefox security update

2008-02-08 00:00:00

Critical: seamonkey security update

2008-02-08 00:00:00

redhat

(RHSA-2008:0103) Critical: firefox security update

2008-02-07 00:00:00

(RHSA-2008:0104) Critical: seamonkey security update

2008-02-07 00:00:00

osv

iceweasel - several vulnerabilities

2008-02-10 00:00:00

xulrunner - several vulnerabilities

2008-02-10 00:00:00

iceape - several vulnerabilities

2008-02-24 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2008-02-07 00:00:00

ubuntu

Firefox vulnerabilities

2008-02-08 00:00:00

gentoo

Mozilla products: Multiple vulnerabilities

2008-05-20 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for SECURITYVULNS:DOC:19036