Search for vulnerabilities
Vulnerability details: VCID-mfwy-2j7a-aaac
Vulnerability ID VCID-mfwy-2j7a-aaac
Aliases CVE-2008-5015
Summary CVE-2008-5015 Mozilla file: URIs inherit chrome privileges
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2008:0978
epss 0.03223 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.03223 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.03630 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.03630 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.03630 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.03630 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.04496 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.05714 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
epss 0.0907 https://api.first.org/data/v1/epss?cve=CVE-2008-5015
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=470876
cvssv2 5.1 https://nvd.nist.gov/vuln/detail/CVE-2008-5015
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2008-51
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5015.json
https://api.first.org/data/v1/epss?cve=CVE-2008-5015
https://bugzilla.mozilla.org/show_bug.cgi?id=447579
http://secunia.com/advisories/32695
http://secunia.com/advisories/32713
http://secunia.com/advisories/32721
http://secunia.com/advisories/32778
http://secunia.com/advisories/34501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11063
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
http://ubuntu.com/usn/usn-667-1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
http://www.mozilla.org/security/announce/2008/mfsa2008-51.html
http://www.redhat.com/support/errata/RHSA-2008-0978.html
http://www.securityfocus.com/bid/32281
http://www.securitytracker.com/id?1021191
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
http://www.vupen.com/english/advisories/2008/3146
http://www.vupen.com/english/advisories/2009/0977
470876 https://bugzilla.redhat.com/show_bug.cgi?id=470876
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
CVE-2008-5015 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5015
CVE-2008-5015 https://nvd.nist.gov/vuln/detail/CVE-2008-5015
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-51 https://www.mozilla.org/en-US/security/advisories/mfsa2008-51
RHSA-2008:0978 https://access.redhat.com/errata/RHSA-2008:0978
USN-667-1 https://usn.ubuntu.com/667-1/
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-5015
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.91452
EPSS Score 0.03223
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.