Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-5507

Опубликовано: 17 дек. 2008
Источник: nvd
CVSS2: 6
EPSS Низкий

Описание

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.0.0.19 (исключая)
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Версия от 3.0 (включая) до 3.0.5 (исключая)
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
Версия от 1.0 (включая) до 1.1.14 (исключая)
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
Версия от 2.0 (включая) до 2.0.0.19 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 66%
0.00535
Низкий

6 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2008-5507

ubuntu
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.

redhat логотип

CVE-2008-5507

redhat
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.

debian логотип

CVE-2008-5507

debian
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird ...

github логотип

GHSA-q2h5-97m4-jvvg

github
около 3 лет назад

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API.

oracle-oval логотип

ELSA-2008-1036

oracle-oval
больше 16 лет назад

ELSA-2008-1036: firefox security update (CRITICAL)

EPSS

Процентиль: 66%
0.00535
Низкий

6 Medium

CVSS2

Дефекты

CWE-200