The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack."
Publish Date : 2009-01-20 Last Update Date : 2017-09-29
Title |
Definition Id |
Class |
Family |
CVE-2008-5913 |
oval:org.opensuse.security:def:20085913 |
|
unix |
DEPRECATED: ELSA-2010-0501 -- firefox security, bug fix, and enhancement update (critical) |
oval:org.mitre.oval:def:27902 |
|
unix |
ELSA-2010:0501: firefox security, bug fix, and enhancement update (Critical) |
oval:org.mitre.oval:def:22794 |
|
unix |
RHSA-2010:0500: firefox security, bug fix, and enhancement update (Critical) |
oval:com.redhat.rhsa:def:20100500 |
|
unix |
RHSA-2010:0501: firefox security, bug fix, and enhancement update (Critical) |
oval:org.mitre.oval:def:21689 |
|
unix |
RHSA-2010:0501: firefox security, bug fix, and enhancement update (Critical) |
oval:com.redhat.rhsa:def:20100501 |
|
unix |
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,... |
oval:org.mitre.oval:def:11139 |
|
unix |
|
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.