Unrated severityNVD Advisory· Published Dec 17, 2008· Updated Apr 23, 2026
CVE-2008-5508
CVE-2008-5508
Description
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.
Affected products
9cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
41- secunia.com/advisories/33184nvdThird Party Advisory
- secunia.com/advisories/33188nvdThird Party Advisory
- secunia.com/advisories/33189nvdThird Party Advisory
- secunia.com/advisories/33203nvdThird Party Advisory
- secunia.com/advisories/33204nvdThird Party Advisory
- secunia.com/advisories/33205nvdThird Party Advisory
- secunia.com/advisories/33216nvdThird Party Advisory
- secunia.com/advisories/33231nvdThird Party Advisory
- secunia.com/advisories/33408nvdThird Party Advisory
- secunia.com/advisories/33415nvdThird Party Advisory
- secunia.com/advisories/33421nvdThird Party Advisory
- secunia.com/advisories/33433nvdThird Party Advisory
- secunia.com/advisories/33434nvdThird Party Advisory
- secunia.com/advisories/33523nvdThird Party Advisory
- secunia.com/advisories/33547nvdThird Party Advisory
- secunia.com/advisories/34501nvdThird Party Advisory
- secunia.com/advisories/35080nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1696nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1697nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1704nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1707nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2008/mfsa2008-66.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2008-1036.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-1037.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2009-0002.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/32882nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-690-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-701-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-701-2nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/0977nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/47414nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11040nvdThird Party Advisory
- usn.ubuntu.com/690-1/nvdThird Party Advisory
- sunsolve.sun.com/search/document.donvdBroken Link
- sunsolve.sun.com/search/document.donvdBroken Link
News mentions
0No linked articles in our index yet.