4.3

CVE-2008-5513

Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cross-site scripting (XSS) attacks via unknown vectors related to restoration of SessionStore data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version >= 2.0 < 2.0.0.19
MozillaFirefox Version >= 3.0 < 3.0.5
MozillaSeamonkey Version >= 1.0 < 1.1.14
MozillaThunderbird Version >= 2.0 < 2.0.0.19
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEditionlts
CanonicalUbuntu Linux Version8.10
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.78% 0.754
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://secunia.com/advisories/34501
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Broken Link
http://www.vupen.com/english/advisories/2009/0977
Third Party Advisory
http://secunia.com/advisories/33184
Third Party Advisory
http://secunia.com/advisories/33188
Third Party Advisory
http://secunia.com/advisories/33189
Third Party Advisory
http://secunia.com/advisories/33203
Third Party Advisory
http://secunia.com/advisories/33216
Third Party Advisory
http://secunia.com/advisories/33231
Third Party Advisory
http://secunia.com/advisories/33421
Third Party Advisory
http://secunia.com/advisories/33523
Third Party Advisory
http://www.debian.org/security/2009/dsa-1707
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Third Party Advisory
http://www.securityfocus.com/bid/32882
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-690-2
Third Party Advisory
https://usn.ubuntu.com/690-1/
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-69.html
Vendor Advisory
http://www.securitytracker.com/id?1021421
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/47418
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10389
Third Party Advisory