CVE-2008-5512

Severity

68%

Complexity

86%

Confidentiality

106%

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNativeWrappers."

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown vectors in which "page content can pollute XPCNativeWrappers."

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 16 years ago

2008-12-17 23:30:00

Last updated 6 years ago

2018-11-02 14:54:00

Affected Software

Mozilla Firefox

Mozilla SeaMonkey

Mozilla Thunderbird

Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)

6.06

Canonical Ubuntu Linux 7.10

7.10

Canonical Ubuntu Linux 8.04 LTS (Long-Term Support)

8.04

Canonical Ubuntu Linux 8.10

8.10

Debian GNU/Linux 4.0

4.0

Debian GNU/Linux 5.0

5.0

References

33184

Third Party Advisory

33188

Third Party Advisory

33189

Third Party Advisory

33203

Third Party Advisory

33204

Third Party Advisory

33205

Third Party Advisory

33216

Third Party Advisory

33231

Third Party Advisory

33232

Third Party Advisory

33408

Third Party Advisory

33415

Third Party Advisory

33421

Third Party Advisory

33433

Third Party Advisory

33434

Third Party Advisory

33523

Third Party Advisory

33547

Third Party Advisory

34501

Third Party Advisory

35080

Third Party Advisory

256408

Broken Link

258748

Broken Link

DSA-1696

Third Party Advisory

DSA-1697

Third Party Advisory

DSA-1704

Third Party Advisory

DSA-1707

Third Party Advisory

MDVSA-2008:244

Third Party Advisory

MDVSA-2008:245

Third Party Advisory

MDVSA-2009:012

Third Party Advisory

http://www.mozilla.org/security/announce/2008/mfsa2008-68.html

Vendor Advisory

RHSA-2008:1036

Third Party Advisory

RHSA-2008:1037

Third Party Advisory

RHSA-2009:0002

Third Party Advisory

32882

Third Party Advisory, VDB Entry

1021418

Third Party Advisory, VDB Entry

USN-690-2

Third Party Advisory

USN-701-1

Third Party Advisory

USN-701-2

Third Party Advisory

ADV-2009-0977

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=451680

Issue Tracking, Vendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=464174

Issue Tracking, Vendor Advisory

mozilla-xpcnativewrappers-code-execution(47416)

Third Party Advisory, VDB Entry

oval:org.mitre.oval:def:9814

Third Party Advisory

USN-690-1

Third Party Advisory

USN-690-3

Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.