Vulnerability Details : CVE-2008-5508
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.
Products affected by CVE-2008-5508
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
Threat overview for CVE-2008-5508
Top countries where our scanners detected CVE-2008-5508
Top open port discovered on systems with this issue
5555
IPs affected by CVE-2008-5508 121
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-5508!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-5508
2.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-5508
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2008-5508
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-5508
-
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-690-2
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Third Party Advisory
-
http://secunia.com/advisories/33184
Third Party Advisory
-
http://secunia.com/advisories/33433
About Secunia Research | FlexeraThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Third Party Advisory
-
http://www.securitytracker.com/id?1021426
Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/33523
Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/47414
Third Party Advisory;VDB Entry
-
https://usn.ubuntu.com/690-1/
Third Party Advisory
-
http://secunia.com/advisories/33205
Third Party Advisory
-
http://www.debian.org/security/2009/dsa-1696
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilitiesThird Party Advisory
-
http://www.ubuntu.com/usn/usn-701-1
Third Party Advisory
-
http://secunia.com/advisories/34501
About Secunia Research | FlexeraThird Party Advisory
-
http://secunia.com/advisories/35080
Third Party Advisory
-
http://www.debian.org/security/2009/dsa-1707
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=425046
Issue Tracking;Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=460803
Issue Tracking;Vendor Advisory
-
http://secunia.com/advisories/33216
Third Party Advisory
-
http://secunia.com/advisories/33421
Third Party Advisory
-
http://secunia.com/advisories/33189
Third Party Advisory
-
http://www.securityfocus.com/bid/32882
Third Party Advisory;VDB Entry
-
http://www.ubuntu.com/usn/usn-701-2
Third Party Advisory
-
http://secunia.com/advisories/33188
Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11040
Third Party Advisory
-
http://www.debian.org/security/2009/dsa-1697
[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilitiesThird Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
Broken Link
-
http://secunia.com/advisories/33203
Third Party Advisory
-
http://secunia.com/advisories/33231
Third Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Broken Link
-
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
Vendor Advisory
-
http://secunia.com/advisories/33434
About Secunia Research | FlexeraThird Party Advisory
-
http://www.debian.org/security/2009/dsa-1704
Third Party Advisory
-
http://secunia.com/advisories/33547
Third Party Advisory
-
http://secunia.com/advisories/33415
Third Party Advisory
-
http://secunia.com/advisories/33204
Third Party Advisory
-
http://www.vupen.com/english/advisories/2009/0977
Webmail: access your OVH emails on ovhcloud.com | OVHcloudThird Party Advisory
-
http://secunia.com/advisories/33408
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Third Party Advisory
Jump to