5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.5%
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores
the ‘\0’ escaped null character, which might allow remote attackers to
bypass protection mechanisms such as sanitization routines.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614i-0ubuntu1 | UNKNOWN |
ubuntu | 7.10 | noarch | firefox | < 2.0.0.19+nobinonly1-0ubuntu0.7.10.1 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox | < 2.0.0.19+nobinonly1-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | firefox | < 3.0.5+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | firefox | < 3.0.5+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | firefox | < 3.0.5+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.5+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.5+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
ubuntu | 9.04 | noarch | firefox-3.0 | < 3.0.5+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2008-5510
nvd.nist.gov/vuln/detail/CVE-2008-5510
security-tracker.debian.org/tracker/CVE-2008-5510
ubuntu.com/security/notices/USN-690-1
ubuntu.com/security/notices/USN-690-2
ubuntu.com/security/notices/USN-701-1
ubuntu.com/security/notices/USN-717-3
www.cve.org/CVERecord?id=CVE-2008-5510