5
CVE-2008-5510
- EPSS 2.21%
- Veröffentlicht 17.12.2008 23:30:00
- Zuletzt bearbeitet 16.06.2026 23:00:26
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Thunderbird Version >= 2.0 < 2.0.0.19
Canonical ≫ Ubuntu Linux Version7.10
Canonical ≫ Ubuntu Linux Version8.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version8.10
Debian ≫ Debian Linux Version4.0
Debian ≫ Debian Linux Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.21% | 0.803 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.vupen.com/english/advisories/2009/0977
http://secunia.com/advisories/33184
http://secunia.com/advisories/33188
http://secunia.com/advisories/33203
http://secunia.com/advisories/33204
http://secunia.com/advisories/33205
http://secunia.com/advisories/33216
http://secunia.com/advisories/33231
http://secunia.com/advisories/33408
http://secunia.com/advisories/33523
http://secunia.com/advisories/35080
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
http://www.debian.org/security/2009/dsa-1707
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.securityfocus.com/bid/32882
http://www.ubuntu.com/usn/usn-690-2
http://www.ubuntu.com/usn/usn-701-1
https://usn.ubuntu.com/690-1/
http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
http://www.securitytracker.com/id?1021425
https://bugzilla.mozilla.org/show_bug.cgi?id=228856
https://exchange.xforce.ibmcloud.com/vulnerabilities/47415
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9662