Vulnerability Name:

CVE-2008-5015 (CCN-46574)

Assigned:2008-11-12
Published:2008-11-12
Updated:2017-09-29
Summary:Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-94
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-5015

Source: SUSE
Type: UNKNOWN
SUSE-SA:2008:055

Source: CCN
Type: RHSA-2008-0978
Critical: firefox security update

Source: SECUNIA
Type: UNKNOWN
32695

Source: CCN
Type: SA32713
Mozilla Firefox 3 Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32713

Source: SECUNIA
Type: UNKNOWN
32721

Source: SECUNIA
Type: UNKNOWN
32778

Source: CCN
Type: SA34501
Sun Solaris Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
34501

Source: CCN
Type: SECTRACK ID: 1021191
Mozilla Firefox 'file:' URLs Let Users Gain Chrome Privileges

Source: CCN
Type: SECTRACK ID: 1021192
Mozilla Firefox E4X Namespace May Let Remote Users Inject XML Code

Source: SUNALERT
Type: UNKNOWN
256408

Source: CCN
Type: Sun Alert ID: 256408
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data

Source: CCN
Type: ASA-2008-442
firefox security update (RHSA-2008-0978)

Source: CCN
Type: ASA-2009-158
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to unauthorized Data (Sun 256408)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009505, Rev 1
Nortel Response to Sun Alert 256408 - Solaris 10 - Vulnerabilities in Firefox May Allow Execution of Arbitrary Code

Source: UBUNTU
Type: UNKNOWN
USN-667-1

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:230

Source: CCN
Type: MFSA 2008-51
file: URIs inherit chrome privileges when opened from chrome

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-51.html

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0978

Source: BID
Type: UNKNOWN
32281

Source: CCN
Type: BID-32281
Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1021191

Source: CERT
Type: US Government Resource
TA08-319A

Source: VUPEN
Type: UNKNOWN
ADV-2008-3146

Source: VUPEN
Type: UNKNOWN
ADV-2009-0977

Source: CCN
Type: Bugzilla@Mozilla - Bug 447579
(CVE-2008-5015) [FIX]file: URIs inherit chrome privs if opened from chrome

Source: MISC
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=447579

Source: XF
Type: UNKNOWN
firefox-fileuri-code-execution(46574)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11063

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-9669

Source: SUSE
Type: SUSE-SA:2008:055
Mozilla security problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version <= 3.0.3)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20085015
    V
    		CVE-2008-5015
    2015-11-16
    oval:org.mitre.oval:def:29237
    P
    		RHSA-2008:0978 -- firefox security update (Critical)
    2015-08-17
    oval:org.mitre.oval:def:17616
    P
    		USN-667-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:22309
    P
    		ELSA-2008:0978: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:11063
    V
    		Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privileges via malicious code in a file that has already been saved on the local system.
    2013-04-29
    oval:com.redhat.rhsa:def:20080978
    P
    		RHSA-2008:0978: firefox security update (Critical)
    2008-11-13
    BACK
    mozilla firefox 3.0
    mozilla firefox 3.0 alpha
    mozilla firefox 3.0 beta2
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0.1
    mozilla firefox 3.0.2
    mozilla firefox *
    mozilla firefox 3.0 alpha
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0 beta2
    mozilla firefox 3.0
    mozilla firefox 3.0.1
    mozilla firefox 3.0.3
    mozilla firefox 3.0.2
    suse suse linux 9.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2
    mandriva linux 2009.0
    mandriva linux 2009.0 -