1. Home
  2. Vulnerabilities
  3. CVE-2008-0593

CVE-2008-0593

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 0.48 % (76th)
0.48% Progress
Affected Products 2
Advisories 10
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2008-02-09 01:00:00
(16 years ago)
Updated Date
2018-10-15 22:01:36
(6 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 2.0.0.11 and prior versions cpe:2.3:a:mozilla:firefox <= 2.0.0.11
  Mozilla Firefox 0.2 cpe:2.3:a:mozilla:firefox:0.2
  Mozilla Firefox 0.9.2 cpe:2.3:a:mozilla:firefox:0.9.2
  Mozilla Firefox 1.0.2 cpe:2.3:a:mozilla:firefox:1.0.2
  Mozilla Firefox 1.5.0.2 cpe:2.3:a:mozilla:firefox:1.5.0.2
  Mozilla Firefox 1.5.0.12 cpe:2.3:a:mozilla:firefox:1.5.0.12
  Mozilla Firefox 1.5.2 cpe:2.3:a:mozilla:firefox:1.5.2
  Mozilla Firefox 2.0 cpe:2.3:a:mozilla:firefox:2.0
  Mozilla Firefox 2.0.0.1 cpe:2.3:a:mozilla:firefox:2.0.0.1
  Mozilla Firefox 2.0.0.10 cpe:2.3:a:mozilla:firefox:2.0.0.10

Configuration #2

    CPE23 From Up To
  Mozilla Seamonkey cpe:2.3:a:mozilla:seamonkey
  Mozilla Seamonkey 1.1.17 and prior versions cpe:2.3:a:mozilla:seamonkey <= 1.1.17
  Mozilla Seamonkey 1.0 cpe:2.3:a:mozilla:seamonkey:1.0
  Mozilla Seamonkey 1.0 Alpha Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:alpha
  Mozilla Seamonkey 1.0 Beta Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:beta
  Mozilla Seamonkey 1.0 Dev Edition cpe:2.3:a:mozilla:seamonkey:1.0:*:dev
  Mozilla Seamonkey 1.0 Alpha cpe:2.3:a:mozilla:seamonkey:1.0:alpha
  Mozilla Seamonkey 1.0 Beta cpe:2.3:a:mozilla:seamonkey:1.0:beta
  Mozilla Seamonkey 1.0.1 cpe:2.3:a:mozilla:seamonkey:1.0.1
  Mozilla Seamonkey 1.0.2 cpe:2.3:a:mozilla:seamonkey:1.0.2
  Mozilla Seamonkey 1.0.3 cpe:2.3:a:mozilla:seamonkey:1.0.3
  Mozilla Seamonkey 1.0.4 cpe:2.3:a:mozilla:seamonkey:1.0.4
  Mozilla Seamonkey 1.0.5 cpe:2.3:a:mozilla:seamonkey:1.0.5
  Mozilla Seamonkey 1.0.6 cpe:2.3:a:mozilla:seamonkey:1.0.6
  Mozilla Seamonkey 1.0.7 cpe:2.3:a:mozilla:seamonkey:1.0.7
  Mozilla Seamonkey 1.0.8 cpe:2.3:a:mozilla:seamonkey:1.0.8
  Mozilla Seamonkey 1.0.9 cpe:2.3:a:mozilla:seamonkey:1.0.9
  Mozilla Seamonkey 1.0.99 cpe:2.3:a:mozilla:seamonkey:1.0.99
  Mozilla Seamonkey 1.1 cpe:2.3:a:mozilla:seamonkey:1.1
  Mozilla Seamonkey 1.1.1 cpe:2.3:a:mozilla:seamonkey:1.1.1
  Mozilla Seamonkey 1.1.2 cpe:2.3:a:mozilla:seamonkey:1.1.2
  Mozilla Seamonkey 1.1.10 cpe:2.3:a:mozilla:seamonkey:1.1.10
  Mozilla Seamonkey 1.1.11 cpe:2.3:a:mozilla:seamonkey:1.1.11
  Mozilla Seamonkey 1.1.12 cpe:2.3:a:mozilla:seamonkey:1.1.12
  Mozilla Seamonkey 1.1.13 cpe:2.3:a:mozilla:seamonkey:1.1.13
  Mozilla Seamonkey 1.1.14 cpe:2.3:a:mozilla:seamonkey:1.1.14
  Mozilla Seamonkey 1.1.15 cpe:2.3:a:mozilla:seamonkey:1.1.15
  Mozilla Seamonkey 1.1.16 cpe:2.3:a:mozilla:seamonkey:1.1.16