Lucene search
HistoryJul 17, 2008 - 1:41 p.m.
CVE-2008-3198
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
High
EPSS
0.025
Percentile
90.1%
Mozilla Firefox 3.x before 3.0.1 allows remote attackers to inject arbitrary web script into a chrome document via unspecified vectors, as demonstrated by injection into a XUL error page. NOTE: this can be leveraged to execute arbitrary code using CVE-2008-2933.
Affected configurations
Node
mozillafirefoxMatch3.0
Related
ubuntucve
ubuntucve
CVE-2008-3198
2008-07-17 00:00:00
CVE-2008-2933
2008-07-17 00:00:00
prion
prion
Design/Logic Flaw
2008-07-17 13:41:00
Design/Logic Flaw
2008-07-17 13:41:00
cve
cve
CVE-2008-3198
2008-07-17 13:41:00
CVE-2008-2933
2008-07-17 13:41:00
cvelist
cvelist
CVE-2008-3198
2008-07-17 10:00:00
CVE-2008-2933
2008-07-17 10:00:00
nessus
nessus
Oracle Linux 5 : firefox (ELSA-2008-0597)
2013-07-12 00:00:00
Firefox 3.x < 3.0.1 Multiple Vulnerabilities
2008-07-17 00:00:00
CentOS 5 : firefox (CESA-2008:0597)
2010-01-06 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1614-1)
2008-08-15 00:00:00
Oracle: Security Advisory (ELSA-2008-0597)
2015-10-08 00:00:00
Fedora Update for gtkmozembedmm FEDORA-2008-6491
2009-02-17 00:00:00
centos
centos
devhelp, firefox, xulrunner security update
2008-07-17 02:39:25
firefox security update
2008-07-17 02:50:07
osv
osv
iceweasel - several vulnerabilities
2008-07-23 00:00:00
xulrunner - several vulnerabilities
2008-07-23 00:00:00
iceape - several vulnerabilities
2009-01-07 00:00:00
redhat
redhat
(RHSA-2008:0597) Critical: firefox security update
2008-07-16 00:00:00
(RHSA-2008:0598) Critical: firefox security update
2008-07-16 00:00:00
oraclelinux
oraclelinux
firefox security update
2008-07-16 00:00:00
firefox security update
2008-07-16 00:00:00
seebug
seebug
Mozilla Firefox URI拆分绕过安全限制漏洞
2008-07-17 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-35
2008-07-18 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2008-07-18 00:00:00
veracode
veracode
Information Disclosure
2020-04-10 00:23:56
cert
cert
Mozilla Firefox command line URI handling vulnerability
2008-07-16 00:00:00
mozilla
mozilla
Command-line URLs launch multiple tabs when Firefox not running — Mozilla
2008-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: yelp-2.20.0-11.fc8
2008-07-18 08:07:34
[SECURITY] Fedora 8 Update: epiphany-extensions-2.20.1-9.fc8
2008-07-18 08:07:34
[SECURITY] Fedora 8 Update: galeon-2.0.4-4.fc8.3
2008-07-18 08:07:34
debian
debian
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities
2008-07-23 20:07:11
[SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities
2008-07-23 20:33:58
[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilities
2009-01-07 21:41:42
ubuntu
ubuntu
Firefox vulnerabilities
2008-07-17 00:00:00
Devhelp, Epiphany, Midbrowser and Yelp update
2008-08-04 00:00:00
Firefox and xulrunner vulnerabilities
2008-07-28 00:00:00
nvd
nvd
CVE-2008-2933
2008-07-17 13:41:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2008-08-06 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.8
Confidence
High
EPSS
0.025
Percentile
90.1%
Related for NVD:CVE-2008-3198