VDB
CVE-2008-5504
CVE-2008-5504
PUBLISHED
CVSS 7.5 HIGH
Mozilla Firefox 2.x before 2.0.0.19 allows remote attackers to run arbitrary JavaScript with chrome privileges via vectors related to the feed preview, a different vulnerability than CVE-2008-3836.
EPSS 3.15% · 87.2th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
3.15%
87.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | firefox | 2.0.0.10, 2.0.0.1, 2.0.0.2 |
| n/a | n/a | n/a |
Exploit Intelligence
- 32882 (circl)
- 1021422 (circl)
- oval:org.mitre.oval:def:10781 (circl)
- https://bugzilla.mozilla.org/show_bug.cgi?id=453526 (circl)
- ADV-2009-0977 (circl)
- USN-690-2 (circl)
- 33231 (circl)
- DSA-1707 (circl)
- 256408 (circl)
- RHSA-2008:1037 (circl)
…and 7 more exploits
Timeline
- Dec 17, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 32882 vdb
- 1021422 vdb
- oval:org.mitre.oval:def:10781 vdb
- https://bugzilla.mozilla.org/show_bug.cgi?id=453526 url
- ADV-2009-0977 vdb
- USN-690-2 vendor-advisory
- 33231 third-party-advisory
- DSA-1707 vendor-advisory
- 256408 vendor-advisory
- RHSA-2008:1037 vendor-advisory
- 33184 third-party-advisory
- http://www.mozilla.org/security/announce/2008/mfsa2008-62.html url
- MDVSA-2008:244 vendor-advisory
- firefox-feedpreview-code-execution(47410) vdb
- 33523 third-party-advisory
- 33189 third-party-advisory
- 34501 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-5504 advisory
- https://access.redhat.com/errata/RHSA-2008:1037 url
- https://access.redhat.com/security/cve/CVE-2008-5504 url
…and 1 more