CVE-2008-5510

Priority
Medium
Description
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19,
Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores
the '\0' escaped null character, which might allow remote attackers to
bypass protection mechanisms such as sanitization routines.
References
Package
Upstream:released (3.0.5)
Ubuntu 8.04 LTS (Hardy Heron):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (2.0.0.19)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.19+nobinonly1-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.04 (Natty Narwhal):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 11.10 (Oneiric Ocelot):released (3.0.5+nobinonly-0ubuntu0.8.04.1)
Package
Upstream:released (1.1.14)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:released (1.1.14)
Ubuntu 8.04 LTS (Hardy Heron):released (1.1.15+nobinonly-0ubuntu0.8.04.2)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.1.15+nobinonly-0ubuntu2)
Ubuntu 11.04 (Natty Narwhal):released (1.1.15+nobinonly-0ubuntu2)
Ubuntu 11.10 (Oneiric Ocelot):released (1.1.15+nobinonly-0ubuntu2)
Package
Upstream:released (2.0.0.19)
Ubuntu 8.04 LTS (Hardy Heron):released (2.0.0.19+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.0.0.19+nobinonly-0ubuntu1)
Ubuntu 11.04 (Natty Narwhal):released (2.0.0.19+nobinonly-0ubuntu1)
Ubuntu 11.10 (Oneiric Ocelot):released (2.0.0.19+nobinonly-0ubuntu1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.9.0.5+nobinonly-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 11.04 (Natty Narwhal):DNE
Ubuntu 11.10 (Oneiric Ocelot):DNE
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:23 UTC (commit 5347)