exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2008-5510

Status Candidate

Overview

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.

Related Files

Ubuntu Security Notice 717-3
Posted Feb 11, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-717-3 - Kojima Hajime discovered that Firefox did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were tricked into opening a malicious web page, a remote attacker could view sensitive information.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2008-5510, CVE-2009-0357
SHA-256 | b419591ea81440e5b2b1faa1b19e923b05930c7c64addc334bcc9a4bc1bb90fc
Debian Linux Security Advisory 1707-1
Posted Jan 16, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1707-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | bcc130fb1f1d07c3a3255951cc98724dd8b4314f82fcc2ee7d349720b8f8704e
Mandriva Linux Security Advisory 2009-012
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-012 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.19. This update provides the latest Thunderbird to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512
SHA-256 | 31ce266a8e873139a385b06d223d593e99fa02d8b4ea56d85ce98d309312c225
Ubuntu Security Notice 701-1
Posted Jan 7, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-701-1 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine.

tags | advisory, javascript
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512
SHA-256 | bde8c1eb9e592f8207701c4d7555f829f5c7f296cc697e00576cf9a67ec6ba8c
Mandriva Linux Security Advisory 2008-245
Posted Dec 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-245 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 8e8a124d3442c7f7e103e33992e5c8bfc960102e2339c8903eed555f5a12867d
Ubuntu Security Notice 690-2
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-690-2 - Several flaws were discovered in the firefox browser engine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 0b55724bc93e7f832d58701657e39690d1852e24cc7a334cf3aae12b84dc6cb7
Ubuntu Security Notice 690-1
Posted Dec 22, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-690-1 - Several flaws were discovered in the firefox browser engine.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 2da044eb0e205b8d61a7ef634850906be1fe9b2063cb5e4633c76b32e47fa1a7
Mandriva Linux Security Advisory 2008-244
Posted Dec 22, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2008-244 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.19. This update provides the latest Mozilla Firefox 2.x to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513
SHA-256 | 2ef0e1d70f36766c952e710ba3d3e9d0973baefba0fdb6d07bf664a08f89cbeb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close