Secunia SmallBusiness
Products
Solutions
Customers
Partner
Resources
Company
Careers
Community

CVE Reference: CVE-2008-2933
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2008-2933

Description:
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/43832

UBUNTU
  http://www.ubuntu.com/usn/usn-626-2
  http://www.ubuntu.com/usn/usn-626-1
  http://www.ubuntu.com/usn/usn-623-1

SUNALERT
  http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

ST
  1020500

SLACKWARE
  http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974

SAID
  Secunia Advisory: SA31306
  Secunia Advisory: SA31261
  Secunia Advisory: SA31270
  Secunia Advisory: SA31183
  Secunia Advisory: SA31176
  Secunia Advisory: SA31145
  Secunia Advisory: SA31157
  Secunia Advisory: SA31129
  Secunia Advisory: SA31121
  Secunia Advisory: SA31120
  Secunia Advisory: SA31106
  Secunia Advisory: SA31377
  Secunia Advisory: SA33433
  Secunia Advisory: SA34501

REDHAT
  http://www.redhat.com/support/errata/RHSA-2008-0597.html
  http://www.redhat.com/support/errata/RHSA-2008-0598.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11618

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2008:148

GENTOO
  http://security.gentoo.org/glsa/glsa-200808-03.xml

DEBIAN
  http://www.debian.org/security/2008/dsa-1615
  http://www.debian.org/security/2009/dsa-1697
  http://www.debian.org/security/2008/dsa-1614

CONFIRM
  http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400
  http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238
  http://www.mozilla.org/security/announce/2008/mfsa2008-35.html

CERT-VN
  130923

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/494860/100/0/threaded

BID
  30242


Return to the previous page.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability