2017-10-16 12:31:07 -04:00
{
2023-02-13 02:01:03 +00:00
"data_version" : "4.0" ,
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
2019-03-18 04:47:01 +00:00
"CVE_data_meta" : {
"ID" : "CVE-2008-5012" ,
2023-02-13 02:01:03 +00:00
"ASSIGNER" : "secalert@redhat.com" ,
2019-03-18 04:47:01 +00:00
"STATE" : "PUBLIC"
} ,
2023-02-13 02:01:03 +00:00
"description" : {
"description_data" : [
{
"lang" : "eng" ,
"value" : "Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin policy and access arbitrary images that are not directly accessible to the attacker. NOTE: this issue can be leveraged to enumerate software on the client by performing redirections related to moz-icon."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
2019-03-18 04:47:01 +00:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
2023-02-13 02:01:03 +00:00
"vendor_name" : "n/a" ,
2019-03-18 04:47:01 +00:00
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
2023-02-13 02:01:03 +00:00
"version_affected" : "=" ,
2019-03-18 04:47:01 +00:00
"version_value" : "n/a"
}
]
}
}
]
2023-02-13 02:01:03 +00:00
}
2019-03-18 04:47:01 +00:00
}
2017-10-16 12:31:07 -04:00
]
2019-03-18 04:47:01 +00:00
}
} ,
"references" : {
"reference_data" : [
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/34501" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/34501"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" ,
"refsource" : "MISC" ,
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.vupen.com/english/advisories/2009/0977" ,
"refsource" : "MISC" ,
"name" : "http://www.vupen.com/english/advisories/2009/0977"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/33433" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/33433"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/33434" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/33434"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.debian.org/security/2009/dsa-1696" ,
"refsource" : "MISC" ,
"name" : "http://www.debian.org/security/2009/dsa-1696"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.debian.org/security/2009/dsa-1697" ,
"refsource" : "MISC" ,
"name" : "http://www.debian.org/security/2009/dsa-1697"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32845" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32845"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.debian.org/security/2008/dsa-1669" ,
2019-03-18 04:47:01 +00:00
"refsource" : "MISC" ,
2023-02-13 02:01:03 +00:00
"name" : "http://www.debian.org/security/2008/dsa-1669"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html" ,
"refsource" : "MISC" ,
"name" : "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32684" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32684"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32693" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32693"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32694" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32694"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32778" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32778"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://ubuntu.com/usn/usn-667-1" ,
"refsource" : "MISC" ,
"name" : "http://ubuntu.com/usn/usn-667-1"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228" ,
"refsource" : "MISC" ,
"name" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0977.html" ,
2019-03-18 04:47:01 +00:00
"refsource" : "MISC" ,
2023-02-13 02:01:03 +00:00
"name" : "http://www.redhat.com/support/errata/RHSA-2008-0977.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.securityfocus.com/bid/32281" ,
"refsource" : "MISC" ,
"name" : "http://www.securityfocus.com/bid/32281"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-319A.html" ,
"refsource" : "MISC" ,
"name" : "http://www.us-cert.gov/cas/techalerts/TA08-319A.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.vupen.com/english/advisories/2008/3146" ,
"refsource" : "MISC" ,
"name" : "http://www.vupen.com/english/advisories/2008/3146"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html" ,
"refsource" : "MISC" ,
"name" : "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32714" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32714"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32715" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32715"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32798" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32798"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://secunia.com/advisories/32853" ,
"refsource" : "MISC" ,
"name" : "http://secunia.com/advisories/32853"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.debian.org/security/2008/dsa-1671" ,
"refsource" : "MISC" ,
"name" : "http://www.debian.org/security/2008/dsa-1671"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235" ,
2019-03-18 04:47:01 +00:00
"refsource" : "MISC" ,
2023-02-13 02:01:03 +00:00
"name" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0976.html" ,
"refsource" : "MISC" ,
"name" : "http://www.redhat.com/support/errata/RHSA-2008-0976.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://scary.beasts.org/security/CESA-2008-009.html" ,
"refsource" : "MISC" ,
"name" : "http://scary.beasts.org/security/CESA-2008-009.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html" ,
"refsource" : "MISC" ,
"name" : "http://scarybeastsecurity.blogspot.com/2008/11/firefox-cross-domain-image-theft-and.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-48.html" ,
"refsource" : "MISC" ,
"name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-48.html"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.securityfocus.com/archive/1/498468" ,
"refsource" : "MISC" ,
"name" : "http://www.securityfocus.com/archive/1/498468"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.securityfocus.com/bid/32351" ,
"refsource" : "MISC" ,
"name" : "http://www.securityfocus.com/bid/32351"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "http://www.securitytracker.com/id?1021187" ,
"refsource" : "MISC" ,
"name" : "http://www.securitytracker.com/id?1021187"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=355126" ,
2019-03-18 04:47:01 +00:00
"refsource" : "MISC" ,
2023-02-13 02:01:03 +00:00
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=355126"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=451619" ,
"refsource" : "MISC" ,
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=451619"
2019-03-18 04:47:01 +00:00
} ,
{
2023-02-13 02:01:03 +00:00
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10750" ,
"refsource" : "MISC" ,
"name" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10750"
2019-03-18 04:47:01 +00:00
}
]
}
}
