PT-2008-6576 · Mozilla+2 · Thunderbird+4
Llo8Or4Sf
·
Publicado
2008-12-17
·
Atualizado
2024-06-15
·
CVE-2008-5510
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions 3.x before 3.0.5
Mozilla Firefox versions 2.x before 2.0.0.19
Thunderbird versions 2.x before 2.0.0.19
SeaMonkey versions 1.x before 1.1.14
Description
The CSS parser in the affected software ignores the '0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.
Recommendations
For Mozilla Firefox versions 3.x before 3.0.5, update to version 3.0.5 or later.
For Mozilla Firefox versions 2.x before 2.0.0.19, update to version 2.0.0.19 or later.
For Thunderbird versions 2.x before 2.0.0.19, update to version 2.0.0.19 or later.
For SeaMonkey versions 1.x before 1.1.14, update to version 1.1.14 or later.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Firefox
Red Hat
Seamonkey
Suse
Thunderbird