Lucene search
Ubuntu.comUB:CVE-2008-5015HistoryNov 13, 2008 - 12:00 a.m.
CVE-2008-5015
2008-11-1300:00:00
ubuntu.com
ubuntu.com
8
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
89.8%
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI
when it is accessed in the same tab from a chrome or privileged about:
page, which makes it easier for user-assisted attackers to execute
arbitrary JavaScript with chrome privileges via malicious code in a file
that has already been saved on the local system.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.19+nobinonly1-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | xulrunner-1.9 | < 1.9.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | xulrunner-1.9 | < 1.9.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-51
2008-11-14 00:00:00
Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities
2008-11-14 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:27:09
cve
cve
CVE-2008-5015
2008-11-13 11:30:01
prion
prion
Code injection
2008-11-13 11:30:00
cvelist
cvelist
CVE-2008-5015
2008-11-13 11:00:00
mozilla
mozilla
file: URIs inherit chrome privileges when opened from chrome — Mozilla
2008-11-12 00:00:00
nvd
nvd
CVE-2008-5015
2008-11-13 11:30:01
openvas
openvas
RedHat Update for firefox RHSA-2008:0978-01
2009-03-06 00:00:00
CentOS Update for firefox CESA-2008:0978 centos4 i386
2009-02-27 00:00:00
RedHat Update for firefox RHSA-2008:0978-01
2009-03-06 00:00:00
nessus
nessus
CentOS 4 / 5 : firefox (CESA-2008:0978)
2010-01-06 00:00:00
Firefox 3.0.x < 3.0.4 Multiple Vulnerabilities
2008-11-13 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2008:230)
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: xulrunner-1.9.0.4-1.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: devhelp-0.19.1-6.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: epiphany-2.22.2-5.fc9
2008-11-14 12:52:41
centos
centos
devhelp, firefox, nss, xulrunner, yelp security update
2008-11-14 23:55:42
oraclelinux
oraclelinux
firefox security update
2008-11-13 00:00:00
redhat
redhat
(RHSA-2008:0978) Critical: firefox security update
2008-11-12 00:00:00
ubuntu
ubuntu
Firefox and xulrunner vulnerabilities
2008-11-17 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2008-11-26 16:19:10
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-11-13 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.023 Low
EPSS
Percentile
89.8%
Related for UB:CVE-2008-5015