Lucene search
Ubuntu.comUB:CVE-2008-5024HistoryNov 13, 2008 - 12:00 a.m.
CVE-2008-5024
2008-11-1300:00:00
ubuntu.com
ubuntu.com
23
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
86.9%
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird
2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape
quote characters used for XML processing, which allows remote attackers to
conduct XML injection attacks via the default namespace in an E4X document.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.04.2 | UNKNOWN |
| ubuntu | 8.10 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.10.2 | UNKNOWN |
| ubuntu | 7.10 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.7.10.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
Related
veracode
veracode
Information Disclosure
2020-04-10 00:27:22
prion
prion
Design/Logic Flaw
2008-11-13 11:30:00
cve
cve
CVE-2008-5024
2008-11-13 11:30:01
nvd
nvd
CVE-2008-5024
2008-11-13 11:30:01
cvelist
cvelist
CVE-2008-5024
2008-11-13 11:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-58
2008-11-14 00:00:00
mozilla
mozilla
Parsing error in E4X default namespace — Mozilla
2008-11-12 00:00:00
openvas
openvas
Fedora Update for thunderbird FEDORA-2008-9901
2009-02-17 00:00:00
CentOS Update for thunderbird CESA-2008:0976 centos4 i386
2009-02-27 00:00:00
RedHat Update for thunderbird RHSA-2008:0976-01
2009-03-06 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: thunderbird-2.0.0.18-1.fc10
2008-11-22 16:45:06
[SECURITY] Fedora 9 Update: evolution-rss-0.1.0-4.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: google-gadgets-0.10.1-5.fc9.1
2008-11-14 12:52:42
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-11-26 00:00:00
nessus
nessus
Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Fedora 10 : thunderbird-2.0.0.18-1.fc10 (2008-9901)
2009-04-23 00:00:00
centos
centos
thunderbird security update
2008-11-23 13:34:31
devhelp, firefox, nss, xulrunner, yelp security update
2008-11-14 23:55:42
seamonkey security update
2008-11-13 06:38:44
redhat
redhat
(RHSA-2008:0976) Moderate: thunderbird security update
2008-11-19 00:00:00
(RHSA-2008:0978) Critical: firefox security update
2008-11-12 00:00:00
(RHSA-2008:0977) Critical: seamonkey security update
2008-11-12 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2008-11-20 00:00:00
seamonkey security update
2008-11-13 00:00:00
firefox security update
2008-11-13 00:00:00
debian
debian
[SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
2008-11-24 21:36:25
osv
osv
iceweasel - several vulnerabilities
2008-11-24 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-11-13 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.015
Percentile
86.9%
Related for UB:CVE-2008-5024