CVE-2008-5505

Sažetak

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.

Reference

http://secunia.com/advisories/33188
http://secunia.com/advisories/33203
http://secunia.com/advisories/33216
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.securityfocus.com/bid/32882
http://www.securitytracker.com/id?1021428
http://www.vupen.com/english/advisories/2009/0977
https://bugzilla.mozilla.org/show_bug.cgi?id=295994
https://exchange.xforce.ibmcloud.com/vulnerabilities/47411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10443
https://usn.ubuntu.com/690-1/

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

03-10-2018 - 21:56

Objavljeno

17-12-2008 - 23:30