CVE-2008-5505
Published Dec 17, 2008
Last updated 6 years ago
Overview
- Description
- Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FA1A625-36AB-4D9B-879D-571FE5DEA2F7",
"versionEndIncluding": "3.0.4"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "412DF091-7604-4110-87A0-3488116A97E5"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E"
}
],
"operator": "OR"
}
]
}
]