ByteOS Network

Vulnerability Details :

CVE-2008-5511

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-17 Dec, 2008 | 23:00

Updated At-07 Aug, 2024 | 10:56

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:redhat

Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749

Published At:17 Dec, 2008 | 23:00

Updated At:07 Aug, 2024 | 10:56

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.securityfocus.com/bid/32882	vdb-entry x_refsource_BID
https://bugzilla.mozilla.org/show_bug.cgi?id=451680	x_refsource_MISC
http://secunia.com/advisories/33408	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1697	vendor-advisory x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881	vdb-entry signature x_refsource_OVAL
https://usn.ubuntu.com/690-3/	vendor-advisory x_refsource_UBUNTU
http://secunia.com/advisories/33205	third-party-advisory x_refsource_SECUNIA
http://www.securitytracker.com/id?1021418	vdb-entry x_refsource_SECTRACK
http://secunia.com/advisories/33421	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33232	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-1036.html	vendor-advisory x_refsource_REDHAT
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/0977	vdb-entry x_refsource_VUPEN
http://www.ubuntu.com/usn/usn-690-2	vendor-advisory x_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-701-1	vendor-advisory x_refsource_UBUNTU
http://secunia.com/advisories/33231	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245	vendor-advisory x_refsource_MANDRIVA
https://usn.ubuntu.com/690-1/	vendor-advisory x_refsource_UBUNTU
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012	vendor-advisory x_refsource_MANDRIVA
http://secunia.com/advisories/33203	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33433	third-party-advisory x_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1707	vendor-advisory x_refsource_DEBIAN
http://secunia.com/advisories/33216	third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	vendor-advisory x_refsource_SUNALERT
http://www.redhat.com/support/errata/RHSA-2008-1037.html	vendor-advisory x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/47417	vdb-entry x_refsource_XF
http://www.debian.org/security/2009/dsa-1704	vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2009/dsa-1696	vendor-advisory x_refsource_DEBIAN
http://secunia.com/advisories/33204	third-party-advisory x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-701-2	vendor-advisory x_refsource_UBUNTU
http://secunia.com/advisories/33184	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2009-0002.html	vendor-advisory x_refsource_REDHAT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1	vendor-advisory x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244	vendor-advisory x_refsource_MANDRIVA
https://bugzilla.mozilla.org/show_bug.cgi?id=464174	x_refsource_MISC
http://secunia.com/advisories/33415	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33188	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33523	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/35080	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33547	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33434	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/33189	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/34501	third-party-advisory x_refsource_SECUNIA

Hyperlink: http://www.securityfocus.com/bid/32882

Resource:

vdb-entry

x_refsource_BID

Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=451680

Resource:

x_refsource_MISC

Hyperlink: http://secunia.com/advisories/33408

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.debian.org/security/2009/dsa-1697

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: https://usn.ubuntu.com/690-3/

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://secunia.com/advisories/33205

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.securitytracker.com/id?1021418

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://secunia.com/advisories/33421

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33232

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-1036.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.mozilla.org/security/announce/2008/mfsa2008-68.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2009/0977

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.ubuntu.com/usn/usn-690-2

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.ubuntu.com/usn/usn-701-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://secunia.com/advisories/33231

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:245

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: https://usn.ubuntu.com/690-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:012

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://secunia.com/advisories/33203

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33433

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.debian.org/security/2009/dsa-1707

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://secunia.com/advisories/33216

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-1037.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/47417

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://www.debian.org/security/2009/dsa-1704

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://www.debian.org/security/2009/dsa-1696

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://secunia.com/advisories/33204

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.ubuntu.com/usn/usn-701-2

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://secunia.com/advisories/33184

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-0002.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:244

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=464174

Resource:

x_refsource_MISC

Hyperlink: http://secunia.com/advisories/33415

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33188

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33523

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/35080

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33547

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33434

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/33189

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/34501

Resource:

third-party-advisory

x_refsource_SECUNIA

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.securityfocus.com/bid/32882	vdb-entry x_refsource_BID x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=451680	x_refsource_MISC x_transferred
http://secunia.com/advisories/33408	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2009/dsa-1697	vendor-advisory x_refsource_DEBIAN x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881	vdb-entry signature x_refsource_OVAL x_transferred
https://usn.ubuntu.com/690-3/	vendor-advisory x_refsource_UBUNTU x_transferred
http://secunia.com/advisories/33205	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.securitytracker.com/id?1021418	vdb-entry x_refsource_SECTRACK x_transferred
http://secunia.com/advisories/33421	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33232	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2008-1036.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2009/0977	vdb-entry x_refsource_VUPEN x_transferred
http://www.ubuntu.com/usn/usn-690-2	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.ubuntu.com/usn/usn-701-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://secunia.com/advisories/33231	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245	vendor-advisory x_refsource_MANDRIVA x_transferred
https://usn.ubuntu.com/690-1/	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012	vendor-advisory x_refsource_MANDRIVA x_transferred
http://secunia.com/advisories/33203	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33433	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.debian.org/security/2009/dsa-1707	vendor-advisory x_refsource_DEBIAN x_transferred
http://secunia.com/advisories/33216	third-party-advisory x_refsource_SECUNIA x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.redhat.com/support/errata/RHSA-2008-1037.html	vendor-advisory x_refsource_REDHAT x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/47417	vdb-entry x_refsource_XF x_transferred
http://www.debian.org/security/2009/dsa-1704	vendor-advisory x_refsource_DEBIAN x_transferred
http://www.debian.org/security/2009/dsa-1696	vendor-advisory x_refsource_DEBIAN x_transferred
http://secunia.com/advisories/33204	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.ubuntu.com/usn/usn-701-2	vendor-advisory x_refsource_UBUNTU x_transferred
http://secunia.com/advisories/33184	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2009-0002.html	vendor-advisory x_refsource_REDHAT x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244	vendor-advisory x_refsource_MANDRIVA x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=464174	x_refsource_MISC x_transferred
http://secunia.com/advisories/33415	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33188	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33523	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/35080	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33547	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33434	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/33189	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/34501	third-party-advisory x_refsource_SECUNIA x_transferred

Hyperlink: http://www.securityfocus.com/bid/32882

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=451680

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://secunia.com/advisories/33408

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.debian.org/security/2009/dsa-1697

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: https://usn.ubuntu.com/690-3/

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://secunia.com/advisories/33205

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.securitytracker.com/id?1021418

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://secunia.com/advisories/33421

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33232

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-1036.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.mozilla.org/security/announce/2008/mfsa2008-68.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/0977

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.ubuntu.com/usn/usn-690-2

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://www.ubuntu.com/usn/usn-701-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://secunia.com/advisories/33231

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:245

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: https://usn.ubuntu.com/690-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:012

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://secunia.com/advisories/33203

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33433

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.debian.org/security/2009/dsa-1707

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://secunia.com/advisories/33216

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-1037.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/47417

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://www.debian.org/security/2009/dsa-1704

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://www.debian.org/security/2009/dsa-1696

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://secunia.com/advisories/33204

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.ubuntu.com/usn/usn-701-2

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://secunia.com/advisories/33184

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-0002.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2008:244

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=464174

Resource:

x_refsource_MISC

x_transferred

Hyperlink: http://secunia.com/advisories/33415

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33188

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33523

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/35080

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33547

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33434

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/33189

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/34501

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:secalert@redhat.com

Published At:17 Dec, 2008 | 23:30

Updated At:13 Feb, 2023 | 02:19

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:P/A:N

CPE Matches

Mozilla Corporation

>>firefox>>Versions from 2.0(inclusive) to 2.0.0.19(exclusive)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Mozilla Corporation

>>firefox>>Versions from 3.0(inclusive) to 3.0.5(exclusive)

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

Mozilla Corporation

>>seamonkey>>Versions from 1.0(inclusive) to 1.1.14(exclusive)

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Mozilla Corporation

>>thunderbird>>Versions from 2.0(inclusive) to 2.0.0.19(exclusive)

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>6.06

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

Canonical Ltd.

>>ubuntu_linux>>7.10

cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

Canonical Ltd.

>>ubuntu_linux>>8.04

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

Canonical Ltd.

>>ubuntu_linux>>8.10

cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>4.0

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>5.0

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov

CWE ID: CWE-79

Type: Primary

Source: nvd@nist.gov