1. Home
  2. Vulnerabilities
  3. CVE-2008-2808

CVE-2008-2808

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 0.96 % (84th)
0.96% Progress
Affected Products 10
Advisories 6
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.

Weaknesses
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2008-07-07 23:41:00
(16 years ago)
Updated Date
2018-10-11 20:44:14
(6 years ago)

Affected Products

Mozilla

Redhat

Ubuntu

Configuration #1

AND
    CPE23 From Up To
OR  
  Redhat Advanced Workstation for The Itanium Processor 2.1 cpe:2.3:o:redhat:advanced_workstation_for_the_itanium_processor:2.1
OR  
  Running on/with
  Redhat Desktop 3.0 cpe:2.3:o:redhat:desktop:3.0
OR  
  Running on/with
  Redhat Desktop 4.0 cpe:2.3:o:redhat:desktop:4.0
OR  
  Running on/with
  Redhat Enterprise Linux 5 Server cpe:2.3:o:redhat:enterprise_linux:5_server
OR  
  Running on/with
  Redhat Enterprise Linux As 2.1 cpe:2.3:o:redhat:enterprise_linux:as_2.1
OR  
  Running on/with
  Redhat Enterprise Linux As 3 cpe:2.3:o:redhat:enterprise_linux:as_3
OR  
  Running on/with
  Redhat Enterprise Linux As 4 cpe:2.3:o:redhat:enterprise_linux:as_4
OR  
  Running on/with
  Redhat Enterprise Linux Es 2.1 cpe:2.3:o:redhat:enterprise_linux:es_2.1
OR  
  Running on/with
  Redhat Enterprise Linux Es 3 cpe:2.3:o:redhat:enterprise_linux:es_3
OR  
  Running on/with
  Redhat Enterprise Linux Es 4 cpe:2.3:o:redhat:enterprise_linux:es_4
OR  
  Running on/with
  Redhat Enterprise Linux Ws 2.1 cpe:2.3:o:redhat:enterprise_linux:ws_2.1
OR  
  Running on/with
  Redhat Enterprise Linux Ws 3 cpe:2.3:o:redhat:enterprise_linux:ws_3
OR  
  Running on/with
  Redhat Enterprise Linux Ws 4 cpe:2.3:o:redhat:enterprise_linux:ws_4
OR  
  Running on/with
  Redhat Enterprise Linux Desktop 5 Client cpe:2.3:o:redhat:enterprise_linux_desktop:5_client
OR  
  Running on/with
  Redhat Enterprise Linux Desktop Workstation 5 Client cpe:2.3:o:redhat:enterprise_linux_desktop_workstation:5_client
OR  
  Running on/with
  Redhat Fedora 8 cpe:2.3:o:redhat:fedora:8
OR  
  Running on/with
  Ubuntu Linux 6.06 Lts Amd64 Edition cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:lts_amd64
OR  
  Running on/with
  Ubuntu Linux 6.06 Lts I386 Edition cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:lts_i386
OR  
  Running on/with
  Ubuntu Linux 6.06 Lts Powerpc Edition cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:lts_powerpc
OR  
  Running on/with
  Ubuntu Linux 6.06 Lts Sparc Edition cpe:2.3:o:ubuntu:ubuntu_linux:6.06:*:lts_sparc
OR  
  Running on/with
  Ubuntu Linux 7.04 Amd64 Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:amd64
OR  
  Running on/with
  Ubuntu Linux 7.04 I386 Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:i386
OR  
  Running on/with
  Ubuntu Linux 7.04 Powerpc Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:powerpc
OR  
  Running on/with
  Ubuntu Linux 7.04 Sparc Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.04:*:sparc
OR  
  Running on/with
  Ubuntu Linux 7.10 Amd64 Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:amd64
OR  
  Running on/with
  Ubuntu Linux 7.10 I386 Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:i386
OR  
  Running on/with
  Ubuntu Linux 7.10 Lpia Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:lpia
OR  
  Running on/with
  Ubuntu Linux 7.10 Powerpc Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:powerpc
OR  
  Running on/with
  Ubuntu Linux 7.10 Sparc Edition cpe:2.3:o:ubuntu:ubuntu_linux:7.10:*:sparc
OR  
  Running on/with
  Mozilla Firefox 2.0 cpe:2.3:a:mozilla:firefox:2.0
OR  
  Running on/with
  Mozilla Firefox 2.0 Beta 1 cpe:2.3:a:mozilla:firefox:2.0:beta_1
OR  
  Running on/with
  Mozilla Firefox 2.0 Rc2 cpe:2.3:a:mozilla:firefox:2.0:rc2
OR  
  Running on/with
  Mozilla Firefox 2.0 Rc3 cpe:2.3:a:mozilla:firefox:2.0:rc3
OR  
  Running on/with
  Mozilla Firefox 2.0.0.2 cpe:2.3:a:mozilla:firefox:2.0.0.2
OR  
  Running on/with
  Mozilla Firefox 2.0.0.3 cpe:2.3:a:mozilla:firefox:2.0.0.3
OR  
  Running on/with
  Mozilla Firefox 2.0.0.11 cpe:2.3:a:mozilla:firefox:2.0.0.11
OR  
  Running on/with
  Mozilla Firefox 2.0.0.12 cpe:2.3:a:mozilla:firefox:2.0.0.12
OR  
  Running on/with
  Mozilla Firefox 2.0.0.13 cpe:2.3:a:mozilla:firefox:2.0.0.13
OR  
  Running on/with
  Mozilla Firefox 2.0.0.14 cpe:2.3:a:mozilla:firefox:2.0.0.14
OR  
  Running on/with
  Mozilla Firefox 2.0 .1 cpe:2.3:a:mozilla:firefox:2.0_.1
OR  
  Running on/with
  Mozilla Firefox 2.0 .4 cpe:2.3:a:mozilla:firefox:2.0_.4
OR  
  Running on/with
  Mozilla Firefox 2.0 .5 cpe:2.3:a:mozilla:firefox:2.0_.5
OR  
  Running on/with
  Mozilla Firefox 2.0 .6 cpe:2.3:a:mozilla:firefox:2.0_.6
OR  
  Running on/with
  Mozilla Firefox 2.0 .9 cpe:2.3:a:mozilla:firefox:2.0_.9
OR  
  Running on/with
  Mozilla Firefox 2.0 .10 cpe:2.3:a:mozilla:firefox:2.0_.10
OR  
  Running on/with
  Mozilla Firefox 2.0 8 cpe:2.3:a:mozilla:firefox:2.0_8
OR  
  Running on/with
  Mozilla Seamonkey 1.1 Beta cpe:2.3:a:mozilla:seamonkey:1.1:beta
OR  
  Running on/with
  Mozilla Seamonkey 1.1.1 cpe:2.3:a:mozilla:seamonkey:1.1.1
OR  
  Running on/with
  Mozilla Seamonkey 1.1.2 cpe:2.3:a:mozilla:seamonkey:1.1.2
OR  
  Running on/with
  Mozilla Seamonkey 1.1.3 cpe:2.3:a:mozilla:seamonkey:1.1.3
OR  
  Running on/with
  Mozilla Seamonkey 1.1.4 cpe:2.3:a:mozilla:seamonkey:1.1.4
OR  
  Running on/with
  Mozilla Seamonkey 1.1.5 cpe:2.3:a:mozilla:seamonkey:1.1.5
OR  
  Running on/with
  Mozilla Seamonkey 1.1.6 cpe:2.3:a:mozilla:seamonkey:1.1.6
OR  
  Running on/with
  Mozilla Seamonkey 1.1.7 cpe:2.3:a:mozilla:seamonkey:1.1.7
OR  
  Running on/with
  Mozilla Seamonkey 1.1.8 cpe:2.3:a:mozilla:seamonkey:1.1.8
OR  
  Running on/with
  Mozilla Seamonkey 1.1.9 cpe:2.3:a:mozilla:seamonkey:1.1.9
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .4 cpe:2.3:a:mozilla:thunderbird:2.0_.4
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .5 cpe:2.3:a:mozilla:thunderbird:2.0_.5
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .6 cpe:2.3:a:mozilla:thunderbird:2.0_.6
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .9 cpe:2.3:a:mozilla:thunderbird:2.0_.9
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .12 cpe:2.3:a:mozilla:thunderbird:2.0_.12
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .13 cpe:2.3:a:mozilla:thunderbird:2.0_.13
OR  
  Running on/with
  Mozilla Thunderbird 2.0 .14 cpe:2.3:a:mozilla:thunderbird:2.0_.14
OR  
  Running on/with
  Mozilla Thunderbird 2.0 8 cpe:2.3:a:mozilla:thunderbird:2.0_8