Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-5503
HistoryDec 17, 2008 - 12:00 a.m.

CVE-2008-5503

2008-12-1700:00:00
ubuntu.com
ubuntu.com
17

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.044 Low

EPSS

Percentile

92.5%

JSON

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19,
Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not
perform any security checks related to the same-domain policy, which allows
remote attackers to read or access data from other domains via crafted XBL
bindings.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchfirefox< 1.5.dfsg+1.5.0.15~prepatch080614i-0ubuntu1UNKNOWN
ubuntu7.10noarchfirefox< 2.0.0.19+nobinonly1-0ubuntu0.7.10.1UNKNOWN
ubuntu8.04noarchfirefox< 2.0.0.21~tb.21.308+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu8.04noarchfirefox-3.0< 3.0.5+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchfirefox-3.0< 3.0.5+nobinonly-0ubuntu0.8.10.1UNKNOWN
ubuntu9.04noarchfirefox-3.0< 3.0.5+nobinonly-0ubuntu1UNKNOWN
ubuntu6.06noarchmozilla-thunderbird< 1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1UNKNOWN
ubuntu8.04noarchseamonkey< 1.1.17+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchseamonkey< 1.1.17+nobinonly-0ubuntu0.8.10.1UNKNOWN
ubuntu7.10noarchthunderbird< 2.0.0.19+nobinonly-0ubuntu0.7.10.1UNKNOWN
Rows per page:
1-10 of 171

Related

securityvulns 2
nvd 1
veracode 1
mozilla 1
cvelist 1
cve 1
prion 1
ubuntu 4
openvas 104
debian 4
osv 4
nessus 44
fedora 20
centos 3
oraclelinux 2
redhat 2
suse 3
freebsd 1
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-61
2008-12-18 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple seucrity vulnerabilities
2008-12-19 00:00:00
nvd
nvd
CVE-2008-5503
2008-12-17 23:30:00
veracode
veracode
Information Disclosure
2020-04-10 00:28:10
mozilla
mozilla
Information stealing via loadBindingDocument — Mozilla
2008-12-16 00:00:00
cvelist
cvelist
CVE-2008-5503
2008-12-17 23:00:00
cve
cve
CVE-2008-5503
2008-12-17 23:30:00
prion
prion
Security feature bypass
2008-12-17 23:30:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-12-18 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
Thunderbird vulnerabilities
2009-01-06 00:00:00
openvas
openvas
Ubuntu Update for firefox vulnerabilities USN-690-3
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-690-3)
2009-03-23 00:00:00
Debian Security Advisory DSA 1704-1 (xulrunner)
2009-01-20 00:00:00
debian
debian
[SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities
2009-01-14 20:28:56
[SECURITY] [DSA 1707-1] New iceweasel packages fix several vulnerabilities
2009-01-15 22:03:27
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities
2009-01-07 21:32:09
osv
osv
xulrunner - several vulnerabilities
2009-01-14 00:00:00
iceweasel - several vulnerabilities
2009-01-15 00:00:00
icedove - several vulnerabilities
2009-01-07 00:00:00
nessus
nessus
Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-701-2)
2013-03-09 00:00:00
Debian DSA-1704-1 : xulrunner - several vulnerabilities
2009-01-15 00:00:00
SuSE9 Security Update : Epiphany (YOU Patch Number 12326)
2009-09-24 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: seamonkey-1.1.14-1.fc10
2008-12-21 08:40:41
[SECURITY] Fedora 8 Update: seamonkey-1.1.14-1.fc8
2008-12-21 08:25:27
[SECURITY] Fedora 9 Update: seamonkey-1.1.14-1.fc9
2008-12-21 08:44:36
centos
centos
thunderbird security update
2009-01-08 14:35:58
seamonkey security update
2008-12-17 15:28:51
seamonkey security update
2008-12-22 02:56:59
oraclelinux
oraclelinux
thunderbird security update
2009-01-07 00:00:00
seamonkey security update
2008-12-17 00:00:00
redhat
redhat
(RHSA-2009:0002) Moderate: thunderbird security update
2009-01-07 00:00:00
(RHSA-2008:1037) Critical: seamonkey security update
2008-12-16 00:00:00
suse
suse
remote code execution in MozillaFirefox,seamonkey
2008-12-19 13:50:24
remote code execution in MozillaFirefox,MozillaThunderbird,mozilla
2009-01-14 11:55:45
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-12-17 00:00:00

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.044 Low

EPSS

Percentile

92.5%

JSON
Related for UB:CVE-2008-5503
securityvulns2nvd1veracode1mozilla1cvelist1cve1prion1ubuntu4openvas104debian4osv4nessus44fedora20centos3oraclelinux2redhat2suse3freebsd1