Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2008-5505 | First vendor Publication | 2008-12-17 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5505 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10443 | |||
| Oval ID: | oval:org.mitre.oval:def:10443 | ||
| Title: | Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies. | ||
| Description: | Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-5505 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-04-09 | Name : Mandriva Update for firefox MDVSA-2008:245 (firefox) File : nvt/gb_mandriva_MDVSA_2008_245.nasl |
| 2009-03-23 | Name : Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-690-1 File : nvt/gb_ubuntu_USN_690_1.nasl |
| 2009-03-06 | Name : RedHat Update for firefox RHSA-2008:1036-01 File : nvt/gb_RHSA-2008_1036-01_firefox.nasl |
| 2009-02-13 | Name : Fedora Update for cairo-dock FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_cairo-dock_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for chmsee FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_chmsee_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_devhelp_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany-extensions_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_epiphany_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_evolution-rss_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_firefox_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_galeon_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-python2-extras_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gnome-web-photo_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_google-gadgets_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for gtkmozembedmm FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_gtkmozembedmm_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_kazehakase_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mozvoikko_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_mugshot_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_ruby-gnome2_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for totem FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_totem_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_xulrunner_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_yelp_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_Miro_fc9.nasl |
| 2009-02-13 | Name : Fedora Update for Miro FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_Miro_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_blam_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for devhelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_devhelp_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany-extensions FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany-extensions_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for epiphany FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_epiphany_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for evolution-rss FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_evolution-rss_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for firefox FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_firefox_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for galeon FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_galeon_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gecko-sharp2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gecko-sharp2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-python2-extras FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-python2-extras_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for gnome-web-photo FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_gnome-web-photo_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for google-gadgets FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_google-gadgets_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for kazehakase FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_kazehakase_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for mozvoikko FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mozvoikko_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for mugshot FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_mugshot_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for pcmanx-gtk2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_pcmanx-gtk2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for ruby-gnome2 FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_ruby-gnome2_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for xulrunner FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_xulrunner_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for yelp FEDORA-2008-11511 File : nvt/gb_fedora_2008_11511_yelp_fc10.nasl |
| 2009-02-13 | Name : Fedora Update for blam FEDORA-2008-11598 File : nvt/gb_fedora_2008_11598_blam_fc9.nasl |
| 2009-01-23 | Name : SuSE Update for MozillaFirefox,seamonkey SUSE-SA:2008:058 File : nvt/gb_suse_2008_058.nasl |
| 2009-01-20 | Name : SuSE Security Advisory SUSE-SA:2009:002 (MozillaFirefox,MozillaThunderbird,mo... File : nvt/suse_sa_2009_002.nasl |
| 2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Linux) File : nvt/gb_firefox_mult_vuln_dec08_lin.nasl |
| 2008-12-23 | Name : Mozilla Firefox Multiple Vulnerabilities December-08 (Win) File : nvt/gb_firefox_mult_vuln_dec08_win.nasl |
| 2008-12-23 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox36.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 51290 | Mozilla Firefox XUL Persist Attribute User Privacy Restriction Bypass |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
| 2013-03-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-3.nasl - Type : ACT_GATHER_INFO |
| 2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20081216_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_MozillaFirefox-081218.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11511.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-245.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-1.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-690-2.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-11598.nasl - Type : ACT_GATHER_INFO |
| 2008-12-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_29f5bfc5ce0411dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_305.nasl - Type : ACT_GATHER_INFO |
| 2008-12-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-1036.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:12:40 |
|
| 2024-11-28 12:17:15 |
|
| 2024-11-01 01:10:33 |
|
| 2024-10-22 12:10:32 |
|
| 2024-08-02 12:10:21 |
|
| 2024-08-02 01:02:54 |
|
| 2024-02-10 01:09:24 |
|
| 2024-02-02 01:09:53 |
|
| 2024-02-01 12:02:52 |
|
| 2023-09-05 12:09:14 |
|
| 2023-09-05 01:02:43 |
|
| 2023-09-02 12:09:20 |
|
| 2023-09-02 01:02:44 |
|
| 2023-08-12 12:10:58 |
|
| 2023-08-12 01:02:44 |
|
| 2023-08-11 12:09:22 |
|
| 2023-08-11 01:02:50 |
|
| 2023-08-06 12:09:00 |
|
| 2023-08-06 01:02:46 |
|
| 2023-08-04 12:09:05 |
|
| 2023-08-04 01:02:48 |
|
| 2023-07-14 12:09:03 |
|
| 2023-07-14 01:02:46 |
|
| 2023-03-29 01:10:18 |
|
| 2023-03-28 12:02:52 |
|
| 2022-10-11 12:08:03 |
|
| 2022-10-11 01:02:35 |
|
| 2021-05-04 12:08:31 |
|
| 2021-04-22 01:08:53 |
|
| 2020-10-14 01:04:06 |
|
| 2020-10-03 01:04:04 |
|
| 2020-05-29 01:03:44 |
|
| 2020-05-24 01:05:09 |
|
| 2020-05-23 00:22:43 |
|
| 2018-10-04 00:19:33 |
|
| 2017-11-22 12:02:48 |
|
| 2017-09-29 09:23:51 |
|
| 2017-08-08 09:24:34 |
|
| 2016-04-26 18:07:25 |
|
| 2014-02-17 10:47:39 |
|
| 2013-05-11 00:32:38 |
|
