VYPR
Unrated severityNVD Advisory· Published Nov 13, 2008· Updated Jun 16, 2026

CVE-2008-5019

CVE-2008-5019

Description

The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges via unknown vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: >=2.0,<2.0.0.18
    • (no CPE)range: <3.0.4, <2.0.0.18
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

25

News mentions

0

No linked articles in our index yet.