CVE-2008-5024

Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.mozilla.org/security/announce/2008/mfsa2008-58.html	Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=453915	Exploit Vendor Advisory Issue Tracking
http://www.securityfocus.com/bid/32281	Third Party Advisory VDB Entry
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228	Third Party Advisory
http://secunia.com/advisories/32721	Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html	Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-319A.html	Third Party Advisory US Government Resource
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html	Third Party Advisory
http://secunia.com/advisories/32845	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:235	Third Party Advisory
http://www.debian.org/security/2008/dsa-1669	Third Party Advisory
http://secunia.com/advisories/32714	Third Party Advisory
http://secunia.com/advisories/32695	Third Party Advisory
http://secunia.com/advisories/32694	Third Party Advisory
http://secunia.com/advisories/32715	Third Party Advisory
http://secunia.com/advisories/32693	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0977.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0978.html	Third Party Advisory
http://www.debian.org/security/2008/dsa-1671	Third Party Advisory
http://www.debian.org/security/2009/dsa-1697	Third Party Advisory
http://secunia.com/advisories/33433	Third Party Advisory
http://www.debian.org/security/2009/dsa-1696	Third Party Advisory
http://secunia.com/advisories/33434	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	Broken Link
http://www.vupen.com/english/advisories/2009/0977	Third Party Advisory
http://secunia.com/advisories/34501	Third Party Advisory
http://www.securitytracker.com/id?1021192	Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2008/3146	Third Party Advisory
http://secunia.com/advisories/32798	Third Party Advisory
http://secunia.com/advisories/32684	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230	Third Party Advisory
http://secunia.com/advisories/32713	Third Party Advisory
http://ubuntu.com/usn/usn-667-1	Third Party Advisory
http://secunia.com/advisories/32853	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0976.html	Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html	Third Party Advisory
http://secunia.com/advisories/32778	Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9063	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::

Information

Published : 2008-11-13 03:30

Updated : 2018-11-02 06:50

NVD link : CVE-2008-5024

Mitre link : CVE-2008-5024

JSON object : View

CWE

CWE-91

XML Injection (aka Blind XPath Injection)

Products Affected

mozilla

thunderbird
firefox
seamonkey

canonical

ubuntu_linux

debian

debian_linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-58.html", "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-58.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=453915", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=453915", "tags": ["Exploit", "Vendor Advisory", "Issue Tracking"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/32281", "name": "32281", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", "name": "MDVSA-2008:228", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://secunia.com/advisories/32721", "name": "32721", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", "name": "FEDORA-2008-9669", "tags": ["Third Party Advisory"], "refsource": "FEDORA"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", "name": "TA08-319A", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "CERT"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", "name": "SUSE-SA:2008:055", "tags": ["Third Party Advisory"], "refsource": "SUSE"}, {"url": "http://secunia.com/advisories/32845", "name": "32845", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", "name": "MDVSA-2008:235", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.debian.org/security/2008/dsa-1669", "name": "DSA-1669", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/32714", "name": "32714", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/32695", "name": "32695", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/32694", "name": "32694", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/32715", "name": "32715", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/32693", "name": "32693", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html", "name": "RHSA-2008:0977", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html", "name": "RHSA-2008:0978", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.debian.org/security/2008/dsa-1671", "name": "DSA-1671", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2009/dsa-1697", "name": "DSA-1697", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/33433", "name": "33433", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2009/dsa-1696", "name": "DSA-1696", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/33434", "name": "33434", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "name": "256408", "tags": ["Broken Link"], "refsource": "SUNALERT"}, {"url": "http://www.vupen.com/english/advisories/2009/0977", "name": "ADV-2009-0977", "tags": ["Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/34501", "name": "34501", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1021192", "name": "1021192", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2008/3146", "name": "ADV-2008-3146", "tags": ["Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/32798", "name": "32798", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/32684", "name": "32684", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", "name": "MDVSA-2008:230", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://secunia.com/advisories/32713", "name": "32713", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://ubuntu.com/usn/usn-667-1", "name": "USN-667-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://secunia.com/advisories/32853", "name": "32853", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0976.html", "name": "RHSA-2008:0976", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", "name": "FEDORA-2008-9667", "tags": ["Third Party Advisory"], "refsource": "FEDORA"}, {"url": "http://secunia.com/advisories/32778", "name": "32778", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9063", "name": "oval:org.mitre.oval:def:9063", "tags": ["Third Party Advisory"], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection attacks via the default namespace in an E4X document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-91"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-5024", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2008-11-13T11:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.1.13", "versionStartIncluding": "1.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.0.4", "versionStartIncluding": "3.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.0.0.18", "versionStartIncluding": "2.0"}, {"cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.0.0.18", "versionStartIncluding": "2.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-11-02T13:50Z"}

7.5 /10