nvd-json-data-feeds/CVE-2008/CVE-2008-55xx/CVE-2008-5510.json

{
  "id": "CVE-2008-5510",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2008-12-17T23:30:00.627",
  "lastModified": "2018-11-08T20:12:31.107",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines."
    },
    {
      "lang": "es",
      "value": "El analizador CSS en Mozilla Firefox 3.x en versiones anteriores a 3.0.5 y 2.x en versiones anteriores 2.0.0.19, Thunderbird 2.x en versiones anteriores a 2.0.0.19, y SeaMonkey 1.x en versiones anteriores a 1.1.14 ignora el car\u00e1cter de escape nulo '\\0', el cual deber\u00eda permitir a un atacante remoto evitar los mecanismos de protecci\u00f3n como las rutinas de limpieza."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.0",
              "versionEndExcluding": "2.0.0.19",
              "matchCriteriaId": "C8B5BCBB-C10E-44E5-8235-01560BD9273C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "3.0",
              "versionEndExcluding": "3.0.5",
              "matchCriteriaId": "867B189D-CF88-41C5-8FBA-893C100BE203"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "1.0",
              "versionEndExcluding": "1.1.14",
              "matchCriteriaId": "47BE5CA2-9885-479A-8C9C-E6D5FA2E1C7D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.0",
              "versionEndExcluding": "2.0.0.19",
              "matchCriteriaId": "1884DC26-E9BE-43FB-8C7B-2116F4857E7E"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ]
    },
    {
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1",
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ]
    },
    {
      "url": "http://www.debian.org/security/2009/dsa-1707",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-67.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/32882",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id?1021425",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/usn-690-2",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.ubuntu.com/usn/usn-701-1",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2009/0977",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=228856",
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47415",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ]
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9662",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://usn.ubuntu.com/690-1/",
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}