- Home
- CVEs with nessus.description==Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-5500, CVE-2008-5501, CVE-2008-5502, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513)
Several flaws were found in the way malformed content was processed. A website containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-5506, CVE-2008-5507)
A flaw was found in the way Firefox stored attributes in XML User Interface Language (XUL) elements. A website could use this flaw to track users across browser sessions, even if users did not allow the site to store cookies in the victim's browser. (CVE-2008-5505)
A flaw was found in the way malformed URLs were processed by Firefox.
This flaw could prevent various URL sanitization mechanisms from properly parsing a malicious URL. (CVE-2008-5508)
A flaw was found in Firefox's CSS parser. A malicious web page could inject NULL characters into a CSS input string, possibly bypassing an application's script sanitization routines. (CVE-2008-5510)
For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.5. You can find a link to the Mozilla advisories in the References section.
Note: after the errata packages are installed, Firefox must be restarted for the update to take effect.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top