5

CVE-2008-5510

EPSS 1.13%
Published 17.12.2008 23:30:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.

Affected products Warnungen 0 Metrics 2 CWE 0 References 31

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version >= 2.0 < 2.0.0.19

Mozilla ≫ Firefox Version >= 3.0 < 3.0.5

Mozilla ≫ Seamonkey Version >= 1.0 < 1.1.14

Mozilla ≫ Thunderbird Version >= 2.0 < 2.0.0.19

Canonical ≫ Ubuntu Linux Version7.10

Canonical ≫ Ubuntu Linux Version8.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version8.10

Debian ≫ Debian Linux Version4.0

Debian ≫ Debian Linux Version5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.13%	0.764

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://secunia.com/advisories/34501

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Broken Link

http://www.vupen.com/english/advisories/2009/0977

Third Party Advisory

http://secunia.com/advisories/33184

Third Party Advisory

http://secunia.com/advisories/33188

Third Party Advisory

http://secunia.com/advisories/33203

Third Party Advisory

http://secunia.com/advisories/33204

Third Party Advisory

http://secunia.com/advisories/33205

Third Party Advisory

http://secunia.com/advisories/33216

Third Party Advisory

http://secunia.com/advisories/33231

Third Party Advisory

http://secunia.com/advisories/33408

Third Party Advisory

http://secunia.com/advisories/33523

Third Party Advisory

http://secunia.com/advisories/35080

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1

Broken Link

http://www.debian.org/security/2009/dsa-1707

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:244

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:245

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2009:012

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-1036.html

Third Party Advisory

http://www.securityfocus.com/bid/32882

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-690-2

Third Party Advisory

http://www.ubuntu.com/usn/usn-701-1

Third Party Advisory

https://usn.ubuntu.com/690-1/

Third Party Advisory

http://www.mozilla.org/security/announce/2008/mfsa2008-67.html

Vendor Advisory

http://www.securitytracker.com/id?1021425

Third Party Advisory

VDB Entry

https://bugzilla.mozilla.org/show_bug.cgi?id=228856

Vendor Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/47415

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9662

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2008-5510

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-5510

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-5510

EUVD