Lucene search
Ubuntu.comUB:CVE-2008-5022HistoryNov 13, 2008 - 12:00 a.m.
CVE-2008-5022
2008-11-1300:00:00
ubuntu.com
ubuntu.com
8
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.007
Percentile
79.7%
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before
3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and
SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the
same-origin policy and execute arbitrary script via multiple listeners,
which bypass the inner window check.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.04.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.10.2 | UNKNOWN |
| ubuntu | 7.10 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.7.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
Related
prion
prion
Design/Logic Flaw
2008-11-13 11:30:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-56
2008-11-14 00:00:00
cvelist
cvelist
CVE-2008-5022
2008-11-13 11:00:00
cve
cve
CVE-2008-5022
2008-11-13 11:30:01
veracode
veracode
Privilege Escalation
2020-04-10 00:27:20
mozilla
mozilla
nsXMLHttpRequest::NotifyEventListeners() same-origin violation — Mozilla
2008-11-12 00:00:00
nvd
nvd
CVE-2008-5022
2008-11-13 11:30:01
openvas
openvas
Fedora Update for thunderbird FEDORA-2008-9901
2009-02-17 00:00:00
RedHat Update for thunderbird RHSA-2008:0976-01
2009-03-06 00:00:00
RedHat Update for thunderbird RHSA-2008:0976-01
2009-03-06 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-11-26 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: thunderbird-2.0.0.18-1.fc10
2008-11-22 16:45:06
[SECURITY] Fedora 9 Update: evolution-rss-0.1.0-4.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: google-gadgets-0.10.1-5.fc9.1
2008-11-14 12:52:42
nessus
nessus
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Fedora 10 : thunderbird-2.0.0.18-1.fc10 (2008-9901)
2009-04-23 00:00:00
redhat
redhat
(RHSA-2008:0976) Moderate: thunderbird security update
2008-11-19 00:00:00
(RHSA-2008:0978) Critical: firefox security update
2008-11-12 00:00:00
(RHSA-2008:0977) Critical: seamonkey security update
2008-11-12 00:00:00
centos
centos
thunderbird security update
2008-11-23 13:34:31
devhelp, firefox, nss, xulrunner, yelp security update
2008-11-14 23:55:42
seamonkey security update
2008-11-13 06:38:44
oraclelinux
oraclelinux
thunderbird security update
2008-11-20 00:00:00
firefox security update
2008-11-13 00:00:00
seamonkey security update
2008-11-13 00:00:00
debian
debian
[SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
2008-11-24 21:36:25
osv
osv
iceweasel - several vulnerabilities
2008-11-24 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2008-11-26 16:19:10
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-11-13 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.007
Percentile
79.7%
Related for UB:CVE-2008-5022