VYPR
Unrated severityNVD Advisory· Published Dec 17, 2008· Updated Jun 16, 2026

CVE-2008-5508

CVE-2008-5508

Description

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: >=2.0,<2.0.0.19
    • (no CPE)range: <3.0.5
  • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: >=1.0,<1.1.14
    • (no CPE)range: <1.1.14
  • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: >=2.0,<2.0.0.19
    • (no CPE)range: <2.0.0.19
  • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

41

News mentions

0

No linked articles in our index yet.