CVE-2008-5505

Severity

50%

Complexity

99%

Confidentiality

48%

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 16 years ago

2008-12-17 23:30:00

Last updated 6 years ago

2018-10-03 21:56:00

Affected Software

Mozilla Firefox 3.0

3.0

Mozilla Firefox 3.0.1

3.0.1

Mozilla Firefox 3.0.2

3.0.2

Mozilla Firefox 3.0.3

3.0.3

Mozilla Firefox

References

33188

33203

33216

34501

256408

MDVSA-2008:245

http://www.mozilla.org/security/announce/2008/mfsa2008-63.html

Vendor Advisory

RHSA-2008:1036

32882

1021428

ADV-2009-0977

https://bugzilla.mozilla.org/show_bug.cgi?id=295994

firefox-xul-weak-security(47411)

oval:org.mitre.oval:def:10443

USN-690-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.