Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-5024

Опубликовано: 13 нояб. 2008
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 7.5

Описание

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1
devel

DNE

gutsy

released

2.0.0.18+nobinonly-0ubuntu0.7.10
hardy

released

2.0.0.18+nobinonly-0ubuntu0.8.04.1
intrepid

DNE

upstream

released

2.0.0.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0.4+nobinonly-0ubuntu2
gutsy

ignored

end of life, was needed
hardy

released

3.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

3.0.4+nobinonly-0ubuntu0.8.10.1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

ignored

end of life, was needed
hardy

DNE

intrepid

DNE

upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1
devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.1.13+nobinonly-0ubuntu1
gutsy

DNE

hardy

released

1.1.15+nobinonly-0ubuntu0.8.04.2
intrepid

released

1.1.15+nobinonly-0ubuntu0.8.10.2
upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.0.18+nobinonly-0ubuntu1
gutsy

released

2.0.0.18+nobinonly-0ubuntu0.7.10.1
hardy

released

2.0.0.18+nobinonly-0ubuntu0.8.04.1
intrepid

released

2.0.0.18+nobinonly-0ubuntu0.8.10.1
upstream

released

2.0.0.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.1.16+nobinonly-0ubuntu1
gutsy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1
hardy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1
intrepid

released

1.8.1.16+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.0.4+nobinonly-0ubuntu1
gutsy

ignored

end of life, was needed
hardy

released

1.9.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.4+nobinonly-0ubuntu0.8.10.1
upstream

released

1.9.0.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.05502
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-5024

redhat
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.

nvd логотип

CVE-2008-5024

nvd
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.

debian логотип

CVE-2008-5024

debian
больше 16 лет назад

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunder ...

github логотип

GHSA-r9x5-wf23-5hh7

github
около 3 лет назад

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.

oracle-oval логотип

ELSA-2008-0978

oracle-oval
больше 16 лет назад

ELSA-2008-0978: firefox security update (CRITICAL)

EPSS

Процентиль: 90%
0.05502
Низкий

7.5 High

CVSS2

Уязвимость CVE-2008-5024