Vulnerability CVE-2008-5511 - CERT Civis.Net

Vulnerability Name:

CVE-2008-5511 (CCN-47417)

Assigned:

2008-12-16

Published:

2008-12-16

Updated:

2023-02-13

Summary:

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2008-5511

Source: CCN
Type: RHSA-2008-1036
Critical: firefox security update

Source: CCN
Type: RHSA-2008-1037
Critical: seamonkey security update

Source: CCN
Type: RHSA-2009-0002
Moderate: thunderbird security update

Source: CCN
Type: SA33184
Mozilla Firefox 2 Multiple Vulnerabilities

Source: CCN
Type: SA33203
Mozilla Firefox 3 Multiple Vulnerabilities

Source: CCN
Type: SA33204
Mozilla SeaMonkey Multiple Vulnerabilities

Source: CCN
Type: SA33205
Mozilla Thunderbird Multiple Vulnerabilities

Source: CCN
Type: SA34501
Sun Solaris Firefox Multiple Vulnerabilities

Source: CCN
Type: SA35080
Sun Solaris Thunderbird Multiple Vulnerabilities

Source: CCN
Type: SECTRACK ID: 1021418
Mozilla Firefox Lets Remote Users Execute Arbitrary Scripting Code

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: secalert@redhat.com
Type: Broken Link
secalert@redhat.com

Source: CCN
Type: Sun Alert ID: 256408
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data

Source: CCN
Type: Sun Alert ID: 258748
Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data

Source: CCN
Type: ASA-2008-506
firefox security update (RHSA-2008-1036)

Source: CCN
Type: ASA-2009-004
thunderbird security update (RHSA-2009-0002)

Source: CCN
Type: ASA-2009-007
seamonkey security update (RHSA-2008-1037)

Source: CCN
Type: ASA-2009-158
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to unauthorized Data (Sun 256408)

Source: CCN
Type: ASA-2009-190
Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data (Sun 258748)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009505, Rev 1
Nortel Response to Sun Alert 256408 - Solaris 10 - Vulnerabilities in Firefox May Allow Execution of Arbitrary Code

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: DEBIAN
Type: DSA-1696
icedove -- several vulnerabilities

Source: DEBIAN
Type: DSA-1697
iceape -- several vulnerabilities

Source: DEBIAN
Type: DSA-1704
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1707
iceweasel -- several vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: MFSA 2008-68
XSS and JavaScript privilege escalation

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: BID-32882
Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: CCN
Type: USN-690-1
Firefox and xulrunner vulnerabilities

Source: CCN
Type: USN-690-2
Firefox vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: USN-690-3
Firefox vulnerabilities

Source: CCN
Type: USN-701-1
Thunderbird vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: USN-701-2
Thunderbird vulnerabilities

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: Bugzilla@Mozilla - Bug 451680
(CVE-2008-5511) XSS by attaching a binding to an element in an unloaded document

Source: secalert@redhat.com
Type: Issue Tracking, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: XF
Type: UNKNOWN
mozilla-xbl-security-bypass(47417)

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: SUSE
Type: SUSE-SA:2008:058
Mozilla Firefox security update

Source: SUSE
Type: SUSE-SA:2009:002
Mozilla browser security problems

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration RedHat 10:

cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:mozilla:firefox:2.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::dev:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1::beta:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::alpha:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.0::beta:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_89::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_89::sparc:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_64::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79b::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_10::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_48::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_55::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_54::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_50::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_57::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_49::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_56::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_52::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_51::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_53::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_67::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_66::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_59::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_65::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_58::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_61::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_63::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_60::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_62::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_71::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_68::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_72::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_77::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_70::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_74::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_73::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_76::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_69::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_75::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_78::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_84::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_83::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_79::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_85::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_82::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_81::sparc:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_80::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_104::x86:*:*:*:*:*

OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

OR cpe:/a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*

OR cpe:/a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*

OR cpe:/a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_92::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:*

OR cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*

OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20085511	V	CVE-2008-5511	2022-06-30
oval:org.opensuse.security:def:111905	P	MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:105478	P	MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)	2021-10-01
oval:org.mitre.oval:def:29215	P	RHSA-2008:1036 -- firefox security update (Critical)	2015-08-17
oval:org.mitre.oval:def:29201	P	RHSA-2009:0002 -- thunderbird security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:17937	P	USN-690-2 -- firefox vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13233	P	USN-701-1 -- thunderbird vulnerabilities	2014-06-30
oval:org.mitre.oval:def:16973	P	USN-690-3 -- firefox vulnerabilities	2014-06-30
oval:org.mitre.oval:def:17662	P	USN-690-1 -- firefox-3.0, xulrunner-1.9 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13213	P	USN-701-2 -- mozilla-thunderbird vulnerabilities	2014-06-30
oval:org.mitre.oval:def:7636	P	DSA-1704 xulrunner -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13245	P	DSA-1697-1 iceape -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:7805	P	DSA-1707 iceweasel -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:12973	P	DSA-1696-1 icedove -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13605	P	DSA-1707-1 iceweasel -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:7950	P	DSA-1697 iceape -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:17791	P	DSA-1704-1 xulrunner - several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:13754	P	DSA-1704-2 netatalk -- arbitrary code execution	2014-06-23
oval:org.mitre.oval:def:8021	P	DSA-1696 icedove -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:22544	P	ELSA-2009:0002: thunderbird security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:22738	P	ELSA-2008:1036: firefox security update (Critical)	2014-05-26
oval:org.mitre.oval:def:11881	V	Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."	2013-04-29
oval:org.debian:def:1707	V	several vulnerabilities	2009-01-15
oval:org.debian:def:1704	V	several vulnerabilities	2009-01-14
oval:org.debian:def:1697	V	several vulnerabilities	2009-01-07
oval:com.redhat.rhsa:def:20090002	P	RHSA-2009:0002: thunderbird security update (Moderate)	2009-01-07
oval:org.debian:def:1696	V	several vulnerabilities	2009-01-07
oval:com.redhat.rhsa:def:20081036	P	RHSA-2008:1036: firefox security update (Critical)	2008-12-17
oval:com.redhat.rhsa:def:20081037	P	RHSA-2008:1037: seamonkey security update (Critical)	2008-12-17