Lucene search

CVE-2008-2933

🗓️ 17 Jul 2008 13:00:41Reported by redhatType

cve🔗 web.nvd.nist.gov👁 67 Views🌐 WEB

Mozilla Firefox before 2.0.0.16, interprets '|' character in UR

Reporter	Title	Published	Views	Family All 199
Cvelist	CVE-2008-2933	17 Jul 200810:00	–	cvelist
Cvelist	CVE-2008-3198	17 Jul 200810:00	–	cvelist
Cvelist	CVE-2005-2267	13 Jul 200504:00	–	cvelist
Cvelist	CVE-2008-2540	3 Jun 200815:00	–	cvelist
Prion	Design/Logic Flaw	17 Jul 200813:41	–	prion
Prion	Design/Logic Flaw	17 Jul 200813:41	–	prion
Prion	Privilege escalation	3 Jun 200815:32	–	prion
NVD	CVE-2008-2933	17 Jul 200813:41	–	nvd
NVD	CVE-2008-3198	17 Jul 200813:41	–	nvd
NVD	CVE-2005-2267	13 Jul 200504:00	–	nvd

Nvd

Node

mozilla firefoxRange≤2.0.0.15

mozilla firefoxMatch0.8

mozilla firefoxMatch0.9

mozilla firefoxMatch0.9.1

mozilla firefoxMatch0.9.2

mozilla firefoxMatch0.9.3

mozilla firefoxMatch0.10

mozilla firefoxMatch0.10.1

mozilla firefoxMatch1.0

mozilla firefoxMatch1.0.1

mozilla firefoxMatch1.0.2

mozilla firefoxMatch1.0.3

mozilla firefoxMatch1.0.4

mozilla firefoxMatch1.0.5

mozilla firefoxMatch1.0.6

mozilla firefoxMatch1.0.7

mozilla firefoxMatch1.0.8

mozilla firefoxMatch1.5

mozilla firefoxMatch1.5.0.1

mozilla firefoxMatch1.5.0.2

mozilla firefoxMatch1.5.0.3

mozilla firefoxMatch1.5.0.4

mozilla firefoxMatch1.5.0.5

mozilla firefoxMatch1.5.0.6

mozilla firefoxMatch1.5.0.7

mozilla firefoxMatch1.5.0.8

mozilla firefoxMatch1.5.0.9

mozilla firefoxMatch1.5.0.10

mozilla firefoxMatch1.5.0.11

mozilla firefoxMatch1.5.0.12

mozilla firefoxMatch1.5.1

mozilla firefoxMatch1.5.2

mozilla firefoxMatch1.5.3

mozilla firefoxMatch1.5.4

mozilla firefoxMatch1.5.5

mozilla firefoxMatch1.5.6

mozilla firefoxMatch1.5.7

mozilla firefoxMatch1.5.8

mozilla firefoxMatch1.8

mozilla firefoxMatch2.0

mozilla firefoxMatch2.0.0.1

mozilla firefoxMatch2.0.0.2

mozilla firefoxMatch2.0.0.3

mozilla firefoxMatch2.0.0.4

mozilla firefoxMatch2.0.0.5

mozilla firefoxMatch2.0.0.6

mozilla firefoxMatch2.0.0.7

mozilla firefoxMatch2.0.0.8

mozilla firefoxMatch2.0.0.9

mozilla firefoxMatch2.0.0.10

mozilla firefoxMatch2.0.0.11

mozilla firefoxMatch2.0.0.12

mozilla firefoxMatch2.0.0.13

mozilla firefoxMatch2.0.0.14

mozilla firefoxMatch2.0_.1

mozilla firefoxMatch2.0_.4

mozilla firefoxMatch2.0_.5

mozilla firefoxMatch2.0_.6

mozilla firefoxMatch2.0_.7

mozilla firefoxMatch2.0_.9

mozilla firefoxMatch2.0_.10

mozilla firefoxMatch2.0_8

mozilla firefoxMatch3.0

Source	Link
securitytracker	www.securitytracker.com/id
secunia	www.secunia.com/advisories/31129
secunia	www.secunia.com/advisories/31121
ubuntu	www.ubuntu.com/usn/usn-626-2
secunia	www.secunia.com/advisories/31176
secunia	www.secunia.com/advisories/31270
redhat	www.redhat.com/support/errata/RHSA-2008-0597.html
wiki	www.wiki.rpath.com/wiki/Advisories:rPSA-2008-0238
debian	www.debian.org/security/2008/dsa-1614
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/43832

Parameter	Position	Path	Description	CWE
URI	query param	http://www.mozilla.com/en-US/firefox/	Firefox can be tricked into opening multiple URIs, allowing access to potentially sensitive local resources.	CWE-20
URI	query param	https://www.redhat.com/support/errata/RHSA-2008-0597.html	RedHat provides patches for the vulnerability affecting Firefox.	CWE-20

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

17 Jul 2008 13:41Current

8.8High risk

Vulners AI Score8.8

CVSS22.6

EPSS0.52924

CWE-20