Unrated severityNVD Advisory· Published Dec 17, 2008· Updated Jun 16, 2026
CVE-2008-5506
CVE-2008-5506
Description
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: >=2.0,<2.0.0.19
- (no CPE)range: <3.0.5
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: >=1.0,<1.1.14
- (no CPE)range: <1.1.14
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: >=2.0,<2.0.0.19
- (no CPE)range: <2.0.0.19
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
42- secunia.com/advisories/33184nvdThird Party Advisory
- secunia.com/advisories/33188nvdThird Party Advisory
- secunia.com/advisories/33189nvdThird Party Advisory
- secunia.com/advisories/33203nvdThird Party Advisory
- secunia.com/advisories/33204nvdThird Party Advisory
- secunia.com/advisories/33205nvdThird Party Advisory
- secunia.com/advisories/33216nvdThird Party Advisory
- secunia.com/advisories/33231nvdThird Party Advisory
- secunia.com/advisories/33232nvdThird Party Advisory
- secunia.com/advisories/33408nvdThird Party Advisory
- secunia.com/advisories/33415nvdThird Party Advisory
- secunia.com/advisories/33421nvdThird Party Advisory
- secunia.com/advisories/33433nvdThird Party Advisory
- secunia.com/advisories/33434nvdThird Party Advisory
- secunia.com/advisories/33523nvdThird Party Advisory
- secunia.com/advisories/33547nvdThird Party Advisory
- secunia.com/advisories/34501nvdThird Party Advisory
- secunia.com/advisories/35080nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1696nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1697nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1704nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1707nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2008/mfsa2008-64.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2008-1036.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-1037.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2009-0002.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/32882nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-690-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-701-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-701-2nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/0977nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/47412nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10512nvdThird Party Advisory
- usn.ubuntu.com/690-1/nvdThird Party Advisory
- usn.ubuntu.com/690-3/nvdThird Party Advisory
- sunsolve.sun.com/search/document.donvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
News mentions
0No linked articles in our index yet.