CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2008-5511 – Firefox XSS via XBL bindings to unloaded document
https://notcve.org/view.php?id=CVE-2008-5511
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document." Mozilla Firefox 3.x antes de v3.0.5 y 2.x antes de v2.0.0.19, Thunderbird 2.x antes 2.0.0.19 y SeaMonkey 1.x antes de v1.1.14 permite a atacantes remotos evitar la política de mismo origen y llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) mediante una vinculación XBL a un "documento no descargado". • http://secunia.com/advisories/33184 http://secunia.com/advisories/33188 http://secunia.com/advisories/33189 http://secunia.com/advisories/33203 http://secunia.com/advisories/33204 http://secunia.com/advisories/33205 http://secunia.com/advisories/33216 http://secunia.com/advisories/33231 http://secunia.com/advisories/33232 http://secunia.com/advisories/33408 http://secunia.com/advisories/33415 http://secunia.com/advisories/33421 http://secunia.com/advisories/33433 http:/& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 2.6EPSS: 4%CPEs: 54EXPL: 0CVE-2008-5503 – Firefox 2 Information stealing via loadBindingDocument
https://notcve.org/view.php?id=CVE-2008-5503
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or access data from other domains via crafted XBL bindings. La función loadBindingDocument en Mozilla Firefox 2.x antes de v2.0.0.19, Thunderbird 2.x antes de v2.0.0.19 y SeaMonkey 1.x antes de v1.1.14 no realiza ninguna comprobación de seguridad relacionada con la política de mismo dominio, que permite a atacantes remotos leer o acceder a datos de otros dominios mediante vínculos XBL manipulados. • http://secunia.com/advisories/33184 http://secunia.com/advisories/33189 http://secunia.com/advisories/33204 http://secunia.com/advisories/33205 http://secunia.com/advisories/33231 http://secunia.com/advisories/33232 http://secunia.com/advisories/33408 http://secunia.com/advisories/33415 http://secunia.com/advisories/33421 http://secunia.com/advisories/33433 http://secunia.com/advisories/33434 http://secunia.com/advisories/33523 http://secunia.com/advisories/33547 http:/& •
CVSS: 5.1EPSS: 3%CPEs: 7EXPL: 0CVE-2008-5015 – file: URIs inherit chrome privileges
https://notcve.org/view.php?id=CVE-2008-5015
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system. Mozilla Firefox v3.x anteriores a 3.0.4 asigna privilegios chrome a un fichero: URI cuando se accede desde una misma pestaña que tenga privilegios chrome o desde una pagina about: con privilegios, lo que permite a atacantes ayudados por el usuario ejecutar JavaSript a su elección con privilegios chrome a través de código malicioso en un fichero que ya este guardado en el sistema local. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://secunia.com/advisories/32695 http://secunia.com/advisories/32713 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://ubuntu.com/usn/usn-667-1 http://www.mandriva.com/security/advisories?name=MDVSA-2008:230 http://www.mozilla.org/security/announce/2008/mfsa2008-51.html&# • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2008-5052
https://notcve.org/view.php?id=CVE-2008-5052
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js. La función AppendAttributeValue en el motor de JavaScript en Mozilla Firefox v2.x anterior a v2.0.0.18, Thunderbird v2.x anterior a v2.0.0.18, y SeaMonkey v1.x anterior a v1.1.13 , permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores desconocidos que lanzan una corrupción de memoria, como se ha demostrado con e4x/extensions/regress-410192.js. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 http://www.mandriva.com/security/advisories?name=MDVSA-2008:235 http://www.mozilla.org/security/announce/2008/mfsa2008-52.html http://www.securityfocus.com/bid/32281 http://www.securitytracker.com/id?1021183 http://www.us-cert.gov/cas/techalerts/TA08-319A.html http://www.vupen.com/english/advisories/2008/3146 https://bugzilla.mozilla.org/show_ • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 15%CPEs: 9EXPL: 0CVE-2008-0017 – Mozilla buffer overflow in http-index-format parser
https://notcve.org/view.php?id=CVE-2008-0017
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header, which triggers memory corruption and a buffer overflow. El analizador de tipo http-index-format MIME (nsDirIndexParser) en Firefox 3.x antes de 3.0.4, Firefox 2.x antes de 2.0.0.18 y SeaMonkey 1.x antes de 1.1.13 no comprueba un fallo de almacenamiento, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante una respuesta de índice HTTP con una cabecera 200 manipulada, lo que dispara corrupción de memoria y un desbordamiento de búfer. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32713 http://secunia.com/advisories/32714 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/32845 http://secunia.com/advisories/32853 http://secunia.com/advisories/33433 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •