Lucene search
Ubuntu.comUB:CVE-2008-5024HistoryNov 13, 2008 - 12:00 a.m.
CVE-2008-5024
2008-11-1300:00:00
ubuntu.com
ubuntu.com
20
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
86.7%
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird
2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape
quote characters used for XML processing, which allows remote attackers to
conduct XML injection attacks via the default namespace in an E4X document.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.04.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.10.2 | UNKNOWN |
| ubuntu | 7.10 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.7.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2008-11-13 11:30:00
cve
cve
CVE-2008-5024
2008-11-13 11:30:00
veracode
veracode
Information Disclosure
2020-04-10 00:27:22
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-58
2008-11-14 00:00:00
mozilla
mozilla
Parsing error in E4X default namespace — Mozilla
2008-11-12 00:00:00
openvas
openvas
RedHat Update for thunderbird RHSA-2008:0976-01
2009-03-06 00:00:00
RedHat Update for thunderbird RHSA-2008:0976-01
2009-03-06 00:00:00
CentOS Update for thunderbird CESA-2008:0976 centos4 i386
2009-02-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: thunderbird-2.0.0.18-1.fc10
2008-11-22 16:45:06
[SECURITY] Fedora 9 Update: mozvoikko-0.9.5-4.fc9
2008-11-14 12:52:42
[SECURITY] Fedora 9 Update: gnome-web-photo-0.3-15.fc9
2008-11-14 12:52:42
nessus
nessus
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : mozilla-thunderbird, thunderbird vulnerabilities (USN-668-1)
2009-04-23 00:00:00
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Fedora 10 : thunderbird-2.0.0.18-1.fc10 (2008-9901)
2009-04-23 00:00:00
redhat
redhat
(RHSA-2008:0976) Moderate: thunderbird security update
2008-11-19 00:00:00
(RHSA-2008:0978) Critical: firefox security update
2008-11-12 00:00:00
(RHSA-2008:0977) Critical: seamonkey security update
2008-11-12 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2008-11-20 00:00:00
firefox security update
2008-11-13 00:00:00
seamonkey security update
2008-11-13 00:00:00
centos
centos
thunderbird security update
2008-11-23 13:34:31
devhelp, firefox, nss, xulrunner, yelp security update
2008-11-14 23:55:42
seamonkey security update
2008-11-13 06:38:44
debian
debian
[SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
2008-11-24 21:36:45
osv
osv
iceweasel - several vulnerabilities
2008-11-24 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2008-11-26 16:19:10
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-11-13 00:00:00
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
86.7%
Related for UB:CVE-2008-5024