fkie_cve-2008-2801
Vulnerability from fkie_nvd
Published
2008-07-07 23:41
Modified
2025-04-09 00:30
Severity ?
Summary
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2008-0616.html
secalert@redhat.comhttp://secunia.com/advisories/30878
secalert@redhat.comhttp://secunia.com/advisories/30898
secalert@redhat.comhttp://secunia.com/advisories/30903
secalert@redhat.comhttp://secunia.com/advisories/30911Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/30949
secalert@redhat.comhttp://secunia.com/advisories/31005
secalert@redhat.comhttp://secunia.com/advisories/31008
secalert@redhat.comhttp://secunia.com/advisories/31021
secalert@redhat.comhttp://secunia.com/advisories/31023
secalert@redhat.comhttp://secunia.com/advisories/31069
secalert@redhat.comhttp://secunia.com/advisories/31076
secalert@redhat.comhttp://secunia.com/advisories/31183
secalert@redhat.comhttp://secunia.com/advisories/31195
secalert@redhat.comhttp://secunia.com/advisories/31377
secalert@redhat.comhttp://secunia.com/advisories/33433
secalert@redhat.comhttp://secunia.com/advisories/34501
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200808-03.xml
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0216
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1607
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1615
secalert@redhat.comhttp://www.debian.org/security/2009/dsa-1697
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:136
secalert@redhat.comhttp://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15
secalert@redhat.comhttp://www.mozilla.org/security/announce/2008/mfsa2008-23.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0547.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0549.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-0569.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/494080/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/30038
secalert@redhat.comhttp://www.securitytracker.com/id?1020419
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-619-1
secalert@redhat.comhttp://www.vupen.com/english/advisories/2008/1993/references
secalert@redhat.comhttp://www.vupen.com/english/advisories/2009/0977
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=418996
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=424188
secalert@redhat.comhttps://bugzilla.mozilla.org/show_bug.cgi?id=424426
secalert@redhat.comhttps://issues.rpath.com/browse/RPL-2646
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2008-0616.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30878
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30898
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30903
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30911Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30949
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31005
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31008
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31021
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31023
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31069
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31076
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31183
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31195
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31377
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33433
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34501
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200808-03.xml
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
af854a3a-2127-422b-91ae-364da2661108http://wiki.rpath.com/Advisories:rPSA-2008-0216
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1607
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2008/dsa-1615
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1697
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:136
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2008/mfsa2008-23.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0547.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0549.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0569.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/494080/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30038
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020419
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-619-1
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1993/references
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0977
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=418996
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=424188
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=424426
af854a3a-2127-422b-91ae-364da2661108https://issues.rpath.com/browse/RPL-2646
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
Impacted products
Vendor Product Version
mozilla firefox *
mozilla firefox 2.0
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.6
mozilla firefox 2.0.0.7
mozilla firefox 2.0.0.8
mozilla firefox 2.0.0.9
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.13
mozilla seamonkey *
mozilla seamonkey 1.1
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.7
mozilla seamonkey 1.1.8


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90648428-F390-47CC-9B6E-C2A2187649CF",
              "versionEndIncluding": "2.0.0.14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6878D0B-AB39-40F7-836A-98BEECBE6CAA",
              "versionEndIncluding": "1.1.9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9F84CB7-93F7-4912-BC87-497867B96491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E01097-F60A-4FB2-BA47-84A267EE87D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F65732F-317B-49A2-B9B0-FA1102B8B45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB430F19-069A-43FD-9097-586D4449D327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E6D7528-E591-48A6-8165-BE42F8EBF6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA710423-0075-44B8-9DCB-6380FA974486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5521DA3-E6AF-4350-B971-10B4A1C9B1D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files."
    },
    {
      "lang": "es",
      "value": "Mozilla Firefox anterior a 2.0.0.15 y SeaMonkey anterior a 1.1.10, no implementan de forma correcta las firmas JAR, esto permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) la inyecci\u00f3n de JavaScript en documentos con un archivo JAR o (2) un archivo JAR que utilizan URLs relativas para los ficheros JavaSrcipt."
    }
  ],
  "id": "CVE-2008-2801",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-07-07T23:41:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30878"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30898"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30903"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/30949"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31021"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31023"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31069"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31076"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31183"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31195"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/33433"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.383152"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.384911"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1607"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1615"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1697"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-23.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/30038"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1020419"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-619-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2008/1993/references"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/0977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=418996"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424188"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424426"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-2646"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2008-0616.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30898"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200808-03.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.383152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.384911"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:136"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-23.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0547.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0549.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0569.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/494080/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30038"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-619-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1993/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=418996"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424188"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424426"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-2646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.