Home > Vulnerability Database > CVE-2008-1234

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2008-1234

Date: March 27, 2008

Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers."

Severity Score

3.7

Related Resources (55)

Url: http://secunia.com/advisories/29541

Url: http://secunia.com/advisories/30094

Url: http://secunia.com/advisories/30370

Url: http://www.securitytracker.com/id?1019694

Url: http://secunia.com/advisories/30016

Url: http://rhn.redhat.com/errata/RHSA-2008-0208.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:155

Url: http://secunia.com/advisories/29539

Url: http://secunia.com/advisories/29616

Url: https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html

Url: https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1234

Url: http://secunia.com/advisories/29550

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-1234

Url: http://secunia.com/advisories/29391

Url: http://www.securityfocus.com/bid/28448

Url: http://www.vupen.com/english/advisories/2008/0998/references

Url: http://www.vupen.com/english/advisories/2008/2091/references

Url: http://secunia.com/advisories/30327

Url: https://access.redhat.com/security/cve/CVE-2008-1234

Url: http://www.ubuntu.com/usn/usn-605-1

Url: http://www.debian.org/security/2008/dsa-1535

Url: http://www.debian.org/security/2008/dsa-1534

Url: http://www.debian.org/security/2008/dsa-1532

Url: http://www.ubuntu.com/usn/usn-592-1

Url: http://www.debian.org/security/2008/dsa-1574

Url: http://secunia.com/advisories/29547

Url: http://secunia.com/advisories/29548

Url: http://secunia.com/advisories/29560

Url: http://secunia.com/advisories/31043

Url: http://secunia.com/advisories/30192

Url: http://www.redhat.com/support/errata/RHSA-2008-0209.html

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9551

Url: http://www.kb.cert.org/vuls/id/466521

Url: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313

Url: http://www.vupen.com/english/advisories/2008/0999/references

Url: http://secunia.com/advisories/29558

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1

Url: http://www.redhat.com/support/errata/RHSA-2008-0207.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/41455

Url: http://www.vupen.com/english/advisories/2008/1793/references

Url: http://secunia.com/advisories/30105

Url: http://secunia.com/advisories/30620

Url: http://www.us-cert.gov/cas/techalerts/TA08-087A.html

Url: http://www.securityfocus.com/archive/1/490196/100/0/threaded

Url: http://www.mozilla.org/security/announce/2008/mfsa2008-14.html

Url: http://secunia.com/advisories/29607

Url: http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

Url: http://secunia.com/advisories/29645

Url: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:080

Url: http://secunia.com/advisories/29526

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1

Url: https://www.mend.io/vulnerability-database/CVE-2008-1234

Severity Score

3.7

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Do you need more information?

Contact Us