CVE-2008-5504

Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

History

13 Feb 2023, 02:19

Type Values Removed Values Added
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2008:1037', 'name': 'https://access.redhat.com/errata/RHSA-2008:1037', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=476273', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=476273', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2008-5504', 'name': 'https://access.redhat.com/security/cve/CVE-2008-5504', 'tags': [], 'refsource': 'MISC'}
Summary CVE-2008-5504 Firefox 2 XSS attack vectors in feed preview Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.

02 Feb 2023, 19:15

Type Values Removed Values Added
Summary Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836. CVE-2008-5504 Firefox 2 XSS attack vectors in feed preview
References
  • (MISC) https://access.redhat.com/errata/RHSA-2008:1037 -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=476273 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2008-5504 -

Information

Published : 2008-12-17 23:30

Updated : 2023-12-10 10:51


NVD link : CVE-2008-5504

Mitre link : CVE-2008-5504

CVE.ORG link : CVE-2008-5504


JSON object : View

Products Affected

mozilla

  • firefox
CWE
CWE-264

Permissions, Privileges, and Access Controls