Lucene search
Ubuntu.comUB:CVE-2008-1240HistoryMar 28, 2008 - 12:00 a.m.
CVE-2008-1240
2008-03-2800:00:00
ubuntu.com
ubuntu.com
18
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.2%
LiveConnect in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9
does not properly parse the content origin for jar: URIs before sending
them to the Java plugin, which allows remote attackers to access arbitrary
ports on the local machine. NOTE: this is closely related to
CVE-2008-1195.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080323a-0ubuntu1 | UNKNOWN |
| ubuntu | 6.10 | noarch | firefox | < 2.0.0.13+0nobinonly-0ubuntu0.6.10 | UNKNOWN |
| ubuntu | 7.04 | noarch | firefox | < 2.0.0.13+0nobinonly-0ubuntu0.7.4 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.13+1nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.13+1nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 1.1.9+nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 8.10 | noarch | seamonkey | < 1.1.9+nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | xulrunner | < 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | xulrunner | < 1.8.1.13+nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 8.10 | noarch | xulrunner | < 1.8.1.13+nobinonly-0ubuntu1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2008-03-28 01:44:00
Code injection
2008-03-06 21:44:00
cve
cve
CVE-2008-1240
2008-03-28 01:44:00
CVE-2008-1195
2008-03-06 21:44:00
mozilla
mozilla
Java socket connection to any local port via LiveConnect — Mozilla
2008-03-25 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-18
2008-03-26 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2008-03-28 00:00:00
ubuntucve
ubuntucve
CVE-2008-1195
2008-03-06 00:00:00
nessus
nessus
SuSE 10 Security Update : epiphany (ZYPP Patch Number 5164)
2008-04-18 00:00:00
openSUSE 10 Security Update : seamonkey (seamonkey-5167)
2008-04-22 00:00:00
suse
suse
remote code execution in MozillaFirefox
2008-04-04 15:01:05
remote code execution in Sun Java
2008-04-02 15:02:11
remote code execution in IBMJava2,IBMJava5,java-1_4_2-ibm,java-1_5_0-ibm
2008-04-25 14:46:33
openvas
openvas
Mandriva Update for mozilla-firefox MDVSA-2008:080 (mozilla-firefox)
2009-04-09 00:00:00
SLES10: Security update for epiphany
2009-10-13 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-03-26 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-03-26 00:00:00
seebug
seebug
Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.13版本修复多个安全漏洞
2008-03-31 00:00:00
redhat
redhat
(RHSA-2008:0267) Critical: java-1.6.0-ibm security update
2008-05-19 00:00:00
(RHSA-2008:0210) Critical: java-1.5.0-ibm security update
2008-04-03 00:00:00
(RHSA-2008:0186) Critical: java-1.5.0-sun security update
2008-03-06 00:00:00
osv
osv
debian
debian
[SECURITY] [DSA 1534-2] New iceape packages fix regression
2008-04-24 21:02:40
[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities
2008-03-30 12:22:31
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities
2008-03-28 13:48:02
f5
f5
SOL16475 - Multiple Sun Java vulnerabilities
2015-04-21 00:00:00
K16475 : Multiple Sun Java vulnerabilities
2015-04-21 00:00:00
gentoo
gentoo
Mozilla products: Multiple vulnerabilities
2008-05-20 00:00:00
Sun JDK/JRE: Multiple vulnerabilities
2008-04-17 00:00:00
vmware
vmware
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
2008-06-16 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.012 Low
EPSS
Percentile
85.2%
Related for UB:CVE-2008-1240