CVE - CVE-2008-0416

CVE-ID
CVE-2008-0416	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://bugzilla.mozilla.org/buglist.cgi?bug_id=404252,381412,407161 CONFIRM:http://www.mozilla.org/security/announce/2008/mfsa2008-13.html DEBIAN:DSA-1484 URL:http://www.debian.org/security/2008/dsa-1484 DEBIAN:DSA-1485 URL:http://www.debian.org/security/2008/dsa-1485 DEBIAN:DSA-1489 URL:http://www.debian.org/security/2008/dsa-1489 GENTOO:GLSA-200805-18 URL:http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml SUNALERT:239546 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1 SUNALERT:238492 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 TURBO:TLSA-2008-9 URL:http://www.turbolinux.com/security/2008/TLSA-2008-9.txt UBUNTU:USN-576-1 URL:http://www.ubuntulinux.org/support/documentation/usn/usn-576-1 UBUNTU:USN-592-1 URL:http://www.ubuntu.com/usn/usn-592-1 CERT:TA08-087A URL:http://www.us-cert.gov/cas/techalerts/TA08-087A.html JVN:JVN#21563357 URL:http://jvn.jp/en/jp/JVN21563357/index.html JVNDB:JVNDB-2008-000021 URL:http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000021.html BID:29303 URL:http://www.securityfocus.com/bid/29303 VUPEN:ADV-2008-2091 URL:http://www.vupen.com/english/advisories/2008/2091/references VUPEN:ADV-2008-1793 URL:http://www.vupen.com/english/advisories/2008/1793/references SECUNIA:28839 URL:http://secunia.com/advisories/28839 SECUNIA:28864 URL:http://secunia.com/advisories/28864 SECUNIA:28865 URL:http://secunia.com/advisories/28865 SECUNIA:28879 URL:http://secunia.com/advisories/28879 SECUNIA:29541 URL:http://secunia.com/advisories/29541 SECUNIA:30327 URL:http://secunia.com/advisories/30327 SECUNIA:31043 URL:http://secunia.com/advisories/31043 SECUNIA:30620 URL:http://secunia.com/advisories/30620 XF:firefox-character-encoding-xss(40488) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/40488
Assigning CNA
N/A
Date Entry Created
20080123	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080123)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org