Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5513

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5513
Last Modified 21 Aug 2010 01:26:26
Published 17 Dec 2008 06:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5513

Summary

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.

Vulnerable Systems

Application

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4


References

XF - firefox-sessionrestore-security-bypass(47418)

VUPEN - ADV-2009-0977

UBUNTU - USN-690-1

UBUNTU - USN-690-2

SECTRACK - 1021421

BID - 32882

REDHAT - RHSA-2009:0002

REDHAT - RHSA-2008:1037

REDHAT - RHSA-2008:1036

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-69.html

MANDRIVA - MDVSA-2008:245

MANDRIVA - MDVSA-2008:244

DEBIAN - DSA-1707

SUNALERT - 256408

SECUNIA - 34501

SECUNIA - 33523

SECUNIA - 33421

SECUNIA - 33231

SECUNIA - 33216

SECUNIA - 33203

SECUNIA - 33189

SECUNIA - 33188

SECUNIA - 33184

Related Patches

Mozilla Firefox 2.0.0.20 for Windows (Update)


Last Updated: 27 May 2016 10:48:49