CVE-2008-5503

CVE-2008-5503 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings.

Learn more about our Cis Benchmark Audit For Bind.