CVE-2008-5510 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5510
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5510

Description: The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/47415 UBUNTU http://www.ubuntu.com/usn/usn-690-2 http://www.ubuntulinux.org/support/documentation/usn/usn-690-1 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 ST 1021425 SAID Secunia Advisory: SA33216 Secunia Advisory: SA33523 Secunia Advisory: SA33231 Secunia Advisory: SA33184 Secunia Advisory: SA33188 Secunia Advisory: SA33203 Secunia Advisory: SA33204 Secunia Advisory: SA33205 Secunia Advisory: SA34501 Secunia Advisory: SA35080 REDHAT http://www.redhat.com/support/errata/RHSA-2008-1036.html MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:012 http://www.mandriva.com/security/advisories?name=MDVSA-2008:244 http://www.mandriva.com/security/advisories?name=MDVSA-2008:245 DEBIAN http://www.debian.org/security/2009/dsa-1707 CONFIRM http://www.mozilla.org/security/announce/2008/mfsa2008-67.html BID 32882

Return to the previous page.