Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5511

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5511
Last Modified 30 Oct 2012 11:07:54
Published 17 Dec 2008 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5511

Summary

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."

Vulnerable Systems

Application

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.9


References

MISC - https://bugzilla.mozilla.org/show_bug.cgi?id=464174

MISC - https://bugzilla.mozilla.org/show_bug.cgi?id=451680

XF - mozilla-xbl-security-bypass(47417)

VUPEN - ADV-2009-0977

UBUNTU - USN-690-3

UBUNTU - USN-690-1

UBUNTU - USN-690-2

SECTRACK - 1021418

BID - 32882

REDHAT - RHSA-2009:0002

REDHAT - RHSA-2008:1037

REDHAT - RHSA-2008:1036

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-68.html

MANDRIVA - MDVSA-2009:012

MANDRIVA - MDVSA-2008:245

MANDRIVA - MDVSA-2008:244

DEBIAN - DSA-1707

DEBIAN - DSA-1704

DEBIAN - DSA-1697

DEBIAN - DSA-1696

SUNALERT - 258748

SUNALERT - 256408

SECUNIA - 35080

SECUNIA - 34501

SECUNIA - 33547

SECUNIA - 33523

SECUNIA - 33434

SECUNIA - 33433

SECUNIA - 33421

SECUNIA - 33232

SECUNIA - 33231

SECUNIA - 33216

SECUNIA - 33205

SECUNIA - 33204

SECUNIA - 33203

SECUNIA - 33189

SECUNIA - 33188

SECUNIA - 33184

UBUNTU - USN-701-2

UBUNTU - USN-701-1

SECUNIA - 33415

SECUNIA - 33408

Related Patches

Novell SUSE 2008:5889 epiphany security update for SLE 10 SP2 i586

Mozilla Firefox 2.0.0.20 for Windows (Update)


Last Updated: 27 May 2016 10:49:48