Search for vulnerabilities
Vulnerability details: VCID-5qj2-hwa6-aaan
Vulnerability ID VCID-5qj2-hwa6-aaan
Aliases CVE-2008-4582
Summary CVE-2008-4582 Mozilla same origin policy bypass
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-264 Permissions, Privileges, and Access Controls
System Score Found at
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.06212 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.06212 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.06212 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.07520 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.3558 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
epss 0.44582 https://api.first.org/data/v1/epss?cve=CVE-2008-4582
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=470903
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-4582
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2008-47
Reference id Reference type URL
http://liudieyu0.blog124.fc2.com/blog-entry-6.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4582.json
https://api.first.org/data/v1/epss?cve=CVE-2008-4582
https://bugzilla.mozilla.org/show_bug.cgi?id=455311
http://secunia.com/advisories/32192
http://secunia.com/advisories/32684
http://secunia.com/advisories/32693
http://secunia.com/advisories/32714
http://secunia.com/advisories/32721
http://secunia.com/advisories/32778
http://secunia.com/advisories/32845
http://secunia.com/advisories/32853
http://secunia.com/advisories/33433
http://secunia.com/advisories/33434
http://secunia.com/advisories/34501
http://securityreason.com/securityalert/4416
http://securitytracker.com/alerts/2008/Nov/1021212.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/45740
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
http://ubuntu.com/usn/usn-667-1
http://www.debian.org/security/2008/dsa-1669
http://www.debian.org/security/2008/dsa-1671
http://www.debian.org/security/2009/dsa-1696
http://www.debian.org/security/2009/dsa-1697
http://www.mozilla.org/security/announce/2008/mfsa2008-47.html
http://www.securityfocus.com/archive/1/497091/100/0/threaded
http://www.securityfocus.com/bid/31611
http://www.securityfocus.com/bid/31747
http://www.securitytracker.com/id?1021190
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
http://www.vupen.com/english/advisories/2008/2818
http://www.vupen.com/english/advisories/2009/0977
470903 https://bugzilla.redhat.com/show_bug.cgi?id=470903
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
CVE-2008-4582 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4582
CVE-2008-4582 https://nvd.nist.gov/vuln/detail/CVE-2008-4582
CVE-2008-4582;OSVDB-49073 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/32466.html
CVE-2008-4582;OSVDB-49073 Exploit https://www.securityfocus.com/bid/31611/info
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-47 https://www.mozilla.org/en-US/security/advisories/mfsa2008-47
USN-667-1 https://usn.ubuntu.com/667-1/
Data source Exploit-DB
Date added Oct. 7, 2008
Description Mozilla Firefox 3.0.3 - Internet Shortcut Same Origin Policy Violation
Ransomware campaign use Known
Source publication date Oct. 7, 2008
Exploit type remote
Platform multiple
Source update date March 24, 2014
Source URL https://www.securityfocus.com/bid/31611/info
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-4582
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.73977
EPSS Score 0.00396
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.