exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2008-5508

Status Candidate

Overview

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.

Related Files

Debian Linux Security Advisory 1707-1
Posted Jan 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1707-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | bcc130fb1f1d07c3a3255951cc98724dd8b4314f82fcc2ee7d349720b8f8704e
Mandriva Linux Security Advisory 2009-012
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-012 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.19. This update provides the latest Thunderbird to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512
SHA-256 | 31ce266a8e873139a385b06d223d593e99fa02d8b4ea56d85ce98d309312c225
Debian Linux Security Advisory 1704-1
Posted Jan 15, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1704 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5511, CVE-2008-5512
SHA-256 | 9e3e36a4fa485680c7a4bd74e51761da2d1644c64d0801e1cec00e1a9bab5952
Ubuntu Security Notice 701-2
Posted Jan 7, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-701-2 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Several flaws were discovered in the Javascript engine.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5511, CVE-2008-5512
SHA-256 | b6cca8b4a0ada9843a17cd60ca12f09f4ce7f003175d38b562b60e18b3b1077d
Ubuntu Security Notice 701-1
Posted Jan 7, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-701-1 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512
SHA-256 | bde8c1eb9e592f8207701c4d7555f829f5c7f296cc697e00576cf9a67ec6ba8c
Mandriva Linux Security Advisory 2008-245
Posted Dec 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-245 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 8e8a124d3442c7f7e103e33992e5c8bfc960102e2339c8903eed555f5a12867d
Ubuntu Security Notice 690-2
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-690-2 - Several flaws were discovered in the firefox browser engine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 0b55724bc93e7f832d58701657e39690d1852e24cc7a334cf3aae12b84dc6cb7
Ubuntu Security Notice 690-1
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-690-1 - Several flaws were discovered in the firefox browser engine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 2da044eb0e205b8d61a7ef634850906be1fe9b2063cb5e4633c76b32e47fa1a7
Mandriva Linux Security Advisory 2008-244
Posted Dec 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-244 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.19. This update provides the latest Mozilla Firefox 2.x to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 2ef0e1d70f36766c952e710ba3d3e9d0973baefba0fdb6d07bf664a08f89cbeb
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close