CVE-2008-5511

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an "unloaded document."

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/33184	Third Party Advisory
http://secunia.com/advisories/33188	Third Party Advisory
http://secunia.com/advisories/33189	Third Party Advisory
http://secunia.com/advisories/33203	Third Party Advisory
http://secunia.com/advisories/33204	Third Party Advisory
http://secunia.com/advisories/33205	Third Party Advisory
http://secunia.com/advisories/33216	Third Party Advisory
http://secunia.com/advisories/33231	Third Party Advisory
http://secunia.com/advisories/33232	Third Party Advisory
http://secunia.com/advisories/33408	Third Party Advisory
http://secunia.com/advisories/33415	Third Party Advisory
http://secunia.com/advisories/33421	Third Party Advisory
http://secunia.com/advisories/33433	Third Party Advisory
http://secunia.com/advisories/33434	Third Party Advisory
http://secunia.com/advisories/33523	Third Party Advisory
http://secunia.com/advisories/33547	Third Party Advisory
http://secunia.com/advisories/34501	Third Party Advisory
http://secunia.com/advisories/35080	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1	Broken Link
http://www.debian.org/security/2009/dsa-1696	Third Party Advisory
http://www.debian.org/security/2009/dsa-1697	Third Party Advisory
http://www.debian.org/security/2009/dsa-1704	Third Party Advisory
http://www.debian.org/security/2009/dsa-1707	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012	Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html	Third Party Advisory
http://www.securityfocus.com/bid/32882	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021418	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2	Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1	Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2	Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=451680	Issue Tracking Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=464174	Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47417	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881	Third Party Advisory
https://usn.ubuntu.com/690-1/	Third Party Advisory
https://usn.ubuntu.com/690-3/	Third Party Advisory
http://secunia.com/advisories/33184	Third Party Advisory
http://secunia.com/advisories/33188	Third Party Advisory
http://secunia.com/advisories/33189	Third Party Advisory
http://secunia.com/advisories/33203	Third Party Advisory
http://secunia.com/advisories/33204	Third Party Advisory
http://secunia.com/advisories/33205	Third Party Advisory
http://secunia.com/advisories/33216	Third Party Advisory
http://secunia.com/advisories/33231	Third Party Advisory
http://secunia.com/advisories/33232	Third Party Advisory
http://secunia.com/advisories/33408	Third Party Advisory
http://secunia.com/advisories/33415	Third Party Advisory
http://secunia.com/advisories/33421	Third Party Advisory
http://secunia.com/advisories/33433	Third Party Advisory
http://secunia.com/advisories/33434	Third Party Advisory
http://secunia.com/advisories/33523	Third Party Advisory
http://secunia.com/advisories/33547	Third Party Advisory
http://secunia.com/advisories/34501	Third Party Advisory
http://secunia.com/advisories/35080	Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1	Broken Link
http://www.debian.org/security/2009/dsa-1696	Third Party Advisory
http://www.debian.org/security/2009/dsa-1697	Third Party Advisory
http://www.debian.org/security/2009/dsa-1704	Third Party Advisory
http://www.debian.org/security/2009/dsa-1707	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245	Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012	Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-68.html	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html	Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html	Third Party Advisory
http://www.securityfocus.com/bid/32882	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021418	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2	Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1	Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2	Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977	Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=451680	Issue Tracking Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=464174	Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47417	Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881	Third Party Advisory
https://usn.ubuntu.com/690-1/	Third Party Advisory
https://usn.ubuntu.com/690-3/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:firefox::::::::
	cpe:2.3:a:mozilla:seamonkey::::::::
	cpe:2.3:a:mozilla:thunderbird::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:6.06::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:4.0:::::::*
	cpe:2.3:o:debian:debian_linux:5.0:::::::*

History

21 Nov 2024, 00:54

Information

Published : 2008-12-17 23:30

Updated : 2025-04-09 00:30

NVD link : CVE-2008-5511

Mitre link : CVE-2008-5511

CVE.ORG link : CVE-2008-5511

JSON object : View

Products Affected

debian

debian_linux

mozilla

thunderbird
seamonkey
firefox

canonical

ubuntu_linux

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2008-5511", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-12-17T23:30:00.640", "references": [{"url": "http://secunia.com/advisories/33184", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33188", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33189", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33203", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33204", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33205", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33216", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33231", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33232", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33408", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33415", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33421", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33433", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33434", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33523", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33547", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/34501", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/35080", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1696", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1697", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1704", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1707", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/32882", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1021418", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-690-2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-701-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-701-2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0977", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47417", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/690-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/690-3/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33184", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33188", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33189", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33203", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33204", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33205", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33216", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33231", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33232", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33408", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33415", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33421", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33433", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33434", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33523", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/33547", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/34501", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/35080", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2009/dsa-1696", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2009/dsa-1697", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2009/dsa-1704", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.debian.org/security/2009/dsa-1707", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-68.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/32882", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1021418", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/usn-690-2", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/usn-701-1", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/usn-701-2", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/0977", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=451680", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=464174", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47417", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11881", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/690-1/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://usn.ubuntu.com/690-3/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to an \"unloaded document.\""}, {"lang": "es", "value": "Mozilla Firefox 3.x antes de v3.0.5 y 2.x antes de v2.0.0.19, Thunderbird 2.x antes 2.0.0.19 y SeaMonkey 1.x antes de v1.1.14 permite a atacantes remotos evitar la pol\u00edtica de mismo origen y llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) mediante una vinculaci\u00f3n XBL a un \"documento no descargado\"."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8B5BCBB-C10E-44E5-8235-01560BD9273C", "versionEndExcluding": "2.0.0.19", "versionStartIncluding": "2.0"}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "867B189D-CF88-41C5-8FBA-893C100BE203", "versionEndExcluding": "3.0.5", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47BE5CA2-9885-479A-8C9C-E6D5FA2E1C7D", "versionEndExcluding": "1.1.14", "versionStartIncluding": "1.0"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1884DC26-E9BE-43FB-8C7B-2116F4857E7E", "versionEndExcluding": "2.0.0.19", "versionStartIncluding": "2.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}, {"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}

4.3 /10