CVE-2008-5505

Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
mozillafirefox
𝑥
≤ 3.0.4
mozillafirefox
3.0
mozillafirefox
3.0.1
mozillafirefox
3.0.2
mozillafirefox
3.0.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox-3.0
intrepid
Fixed 3.0.5+nobinonly-0ubuntu0.8.10.1
released
hardy
Fixed 3.0.5+nobinonly-0ubuntu0.8.04.1
released
gutsy
ignored
dapper
dne
xulrunner-1.9
intrepid
Fixed 1.9.0.5+nobinonly-0ubuntu0.8.10.1
released
hardy
Fixed 1.9.0.5+nobinonly-0ubuntu0.8.04.1
released
gutsy
ignored
dapper
dne
Common Weakness Enumeration
References
http://secunia.com/advisories/33188
http://secunia.com/advisories/33203
http://secunia.com/advisories/33216
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.securityfocus.com/bid/32882
http://www.securitytracker.com/id?1021428
http://www.vupen.com/english/advisories/2009/0977
https://bugzilla.mozilla.org/show_bug.cgi?id=295994
https://exchange.xforce.ibmcloud.com/vulnerabilities/47411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10443
https://usn.ubuntu.com/690-1/
http://secunia.com/advisories/33188
http://secunia.com/advisories/33203
http://secunia.com/advisories/33216
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.securityfocus.com/bid/32882
http://www.securitytracker.com/id?1021428
http://www.vupen.com/english/advisories/2009/0977
https://bugzilla.mozilla.org/show_bug.cgi?id=295994
https://exchange.xforce.ibmcloud.com/vulnerabilities/47411
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10443
https://usn.ubuntu.com/690-1/