CVE-2008-2933

EUVD-2008-2926

17.07.2008, 13:41

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540.  NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	2.6 UNKNOWN	NETWORK	HIGH		AV:N/AC:H/Au:N/C:P/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Affected Products (NVD)

Vendor	Product	Version
mozilla	firefox	𝑥 ≤ 2.0.0.15
mozilla	firefox	0.8
mozilla	firefox	0.9
mozilla	firefox	0.9.1
mozilla	firefox	0.9.2
mozilla	firefox	0.9.3
mozilla	firefox	0.10
mozilla	firefox	0.10.1
mozilla	firefox	1.0
mozilla	firefox	1.0.1
mozilla	firefox	1.0.2
mozilla	firefox	1.0.3
mozilla	firefox	1.0.4
mozilla	firefox	1.0.5
mozilla	firefox	1.0.6
mozilla	firefox	1.0.7
mozilla	firefox	1.0.8
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	1.5.0.2
mozilla	firefox	1.5.0.3
mozilla	firefox	1.5.0.4
mozilla	firefox	1.5.0.5
mozilla	firefox	1.5.0.6
mozilla	firefox	1.5.0.7
mozilla	firefox	1.5.0.8
mozilla	firefox	1.5.0.9
mozilla	firefox	1.5.0.10
mozilla	firefox	1.5.0.11
mozilla	firefox	1.5.0.12
mozilla	firefox	1.5.1
mozilla	firefox	1.5.2
mozilla	firefox	1.5.3
mozilla	firefox	1.5.4
mozilla	firefox	1.5.5
mozilla	firefox	1.5.6
mozilla	firefox	1.5.7
mozilla	firefox	1.5.8
mozilla	firefox	1.8
mozilla	firefox	2.0
mozilla	firefox	2.0.0.1
mozilla	firefox	2.0.0.2
mozilla	firefox	2.0.0.3
mozilla	firefox	2.0.0.4
mozilla	firefox	2.0.0.5
mozilla	firefox	2.0.0.6
mozilla	firefox	2.0.0.7
mozilla	firefox	2.0.0.8
mozilla	firefox	2.0.0.9
mozilla	firefox	2.0.0.10
mozilla	firefox	2.0.0.11
mozilla	firefox	2.0.0.12
mozilla	firefox	2.0.0.13
mozilla	firefox	2.0.0.14
mozilla	firefox	2.0_.1:_.1
mozilla	firefox	2.0_.4:_.4
mozilla	firefox	2.0_.5:_.5
mozilla	firefox	2.0_.6:_.6
mozilla	firefox	2.0_.7:_.7
mozilla	firefox	2.0_.9:_.9
mozilla	firefox	2.0_.10:_.10
mozilla	firefox	2.0_8:_8
mozilla	firefox	3.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

firefox

dapper	not-affected
feisty	not-affected
gutsy	not-affected
hardy	not-affected
intrepid	dne

firefox-3.0

dapper	dne
feisty	dne
gutsy	ignored
hardy	not-affected
intrepid	not-affected

iceape

dapper	dne
feisty	dne
gutsy	not-affected
hardy	dne
intrepid	dne

icedove

dapper	dne
feisty	dne
gutsy	dne
hardy	dne
intrepid	dne

iceweasel

dapper	dne
feisty	dne
gutsy	dne
hardy	dne
intrepid	dne

mozilla-thunderbird

dapper	not-affected
feisty	not-affected
gutsy	dne
hardy	dne
intrepid	dne

seamonkey

dapper	dne
feisty	dne
gutsy	dne
hardy	not-affected
intrepid	not-affected

thunderbird

dapper	dne
feisty	dne
gutsy	not-affected
hardy	not-affected
intrepid	not-affected

xulrunner

dapper	dne
feisty	not-affected
gutsy	not-affected
hardy	not-affected
intrepid	not-affected

xulrunner-1.9

dapper	dne
feisty	dne
gutsy	not-affected
hardy	not-affected
intrepid	not-affected

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://secunia.com/advisories/31106

http://secunia.com/advisories/31120

http://secunia.com/advisories/31121

http://secunia.com/advisories/31129

http://secunia.com/advisories/31145

http://secunia.com/advisories/31157

http://secunia.com/advisories/31176

http://secunia.com/advisories/31183

http://secunia.com/advisories/31261

http://secunia.com/advisories/31270

http://secunia.com/advisories/31306

http://secunia.com/advisories/31377

http://secunia.com/advisories/33433

http://secunia.com/advisories/34501

http://security.gentoo.org/glsa/glsa-200808-03.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238

http://www.debian.org/security/2008/dsa-1614

http://www.debian.org/security/2008/dsa-1615

http://www.debian.org/security/2009/dsa-1697

http://www.kb.cert.org/vuls/id/130923

http://www.mandriva.com/security/advisories?name=MDVSA-2008:148

http://www.mozilla.org/security/announce/2008/mfsa2008-35.html

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400

http://www.redhat.com/support/errata/RHSA-2008-0597.html

http://www.redhat.com/support/errata/RHSA-2008-0598.html

http://www.securityfocus.com/archive/1/494860/100/0/threaded

http://www.securityfocus.com/bid/30242

http://www.securitytracker.com/id?1020500

http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974

http://www.ubuntu.com/usn/usn-623-1

http://www.ubuntu.com/usn/usn-626-1

http://www.ubuntu.com/usn/usn-626-2

http://www.vupen.com/english/advisories/2009/0977

https://bugzilla.mozilla.org/show_bug.cgi?id=441120

https://exchange.xforce.ibmcloud.com/vulnerabilities/43832

https://issues.rpath.com/browse/RPL-2683

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11618

http://secunia.com/advisories/31106

http://secunia.com/advisories/31120

http://secunia.com/advisories/31121

http://secunia.com/advisories/31129

http://secunia.com/advisories/31145

http://secunia.com/advisories/31157

http://secunia.com/advisories/31176

http://secunia.com/advisories/31183

http://secunia.com/advisories/31261

http://secunia.com/advisories/31270

http://secunia.com/advisories/31306

http://secunia.com/advisories/31377

http://secunia.com/advisories/33433

http://secunia.com/advisories/34501

http://security.gentoo.org/glsa/glsa-200808-03.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238

http://www.debian.org/security/2008/dsa-1614

http://www.debian.org/security/2008/dsa-1615

http://www.debian.org/security/2009/dsa-1697

http://www.kb.cert.org/vuls/id/130923

http://www.mandriva.com/security/advisories?name=MDVSA-2008:148

http://www.mozilla.org/security/announce/2008/mfsa2008-35.html

http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400

http://www.redhat.com/support/errata/RHSA-2008-0597.html

http://www.redhat.com/support/errata/RHSA-2008-0598.html

http://www.securityfocus.com/archive/1/494860/100/0/threaded

http://www.securityfocus.com/bid/30242

http://www.securitytracker.com/id?1020500

http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974

http://www.ubuntu.com/usn/usn-623-1

http://www.ubuntu.com/usn/usn-626-1

http://www.ubuntu.com/usn/usn-626-2

http://www.vupen.com/english/advisories/2009/0977

https://bugzilla.mozilla.org/show_bug.cgi?id=441120

https://exchange.xforce.ibmcloud.com/vulnerabilities/43832

https://issues.rpath.com/browse/RPL-2683

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11618