Search for vulnerabilities
Vulnerability details: VCID-hnyg-3d6b-aaag
Vulnerability ID VCID-hnyg-3d6b-aaag
Aliases CVE-2008-5511
Summary CVE-2008-5511 Firefox XSS via XBL bindings to unloaded document
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2008:1036
rhas Critical https://access.redhat.com/errata/RHSA-2008:1037
rhas Moderate https://access.redhat.com/errata/RHSA-2009:0002
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00821 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.00897 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.01798 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.02649 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.02649 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.02649 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.02649 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
epss 0.03462 https://api.first.org/data/v1/epss?cve=CVE-2008-5511
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=476285
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2008-5511
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2008-68
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5511.json
https://api.first.org/data/v1/epss?cve=CVE-2008-5511
https://bugzilla.mozilla.org/show_bug.cgi?id=451680
https://bugzilla.mozilla.org/show_bug.cgi?id=464174
http://secunia.com/advisories/33184
http://secunia.com/advisories/33188
http://secunia.com/advisories/33189
http://secunia.com/advisories/33203
http://secunia.com/advisories/33204
http://secunia.com/advisories/33205
http://secunia.com/advisories/33216
http://secunia.com/advisories/33231
http://secunia.com/advisories/33232
http://secunia.com/advisories/33408
http://secunia.com/advisories/33415
http://secunia.com/advisories/33421
http://secunia.com/advisories/33433
http://secunia.com/advisories/33434
http://secunia.com/advisories/33523
http://secunia.com/advisories/33547
http://secunia.com/advisories/34501
http://secunia.com/advisories/35080
https://exchange.xforce.ibmcloud.com/vulnerabilities/47417
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
https://usn.ubuntu.com/690-1/
https://usn.ubuntu.com/690-3/
http://www.debian.org/security/2009/dsa-1696
http://www.debian.org/security/2009/dsa-1697
http://www.debian.org/security/2009/dsa-1704
http://www.debian.org/security/2009/dsa-1707
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
http://www.redhat.com/support/errata/RHSA-2008-1036.html
http://www.redhat.com/support/errata/RHSA-2008-1037.html
http://www.redhat.com/support/errata/RHSA-2009-0002.html
http://www.securityfocus.com/bid/32882
http://www.securitytracker.com/id?1021418
http://www.ubuntu.com/usn/usn-690-2
http://www.ubuntu.com/usn/usn-701-1
http://www.ubuntu.com/usn/usn-701-2
http://www.vupen.com/english/advisories/2009/0977
476285 https://bugzilla.redhat.com/show_bug.cgi?id=476285
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
CVE-2008-5511 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5511
CVE-2008-5511 https://nvd.nist.gov/vuln/detail/CVE-2008-5511
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-68 https://www.mozilla.org/en-US/security/advisories/mfsa2008-68
RHSA-2008:1036 https://access.redhat.com/errata/RHSA-2008:1036
RHSA-2008:1037 https://access.redhat.com/errata/RHSA-2008:1037
RHSA-2009:0002 https://access.redhat.com/errata/RHSA-2009:0002
USN-690-2 https://usn.ubuntu.com/690-2/
USN-701-1 https://usn.ubuntu.com/701-1/
USN-701-2 https://usn.ubuntu.com/701-2/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2008-5511
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.82438
EPSS Score 0.00821
Published At Nov. 18, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.