CVE-2008-2933: CVE-2008-2933

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-2933

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Mozilla Firefox URI拆分绕过安全限制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Firefox是流行的开源WEB浏览器。 Firefox可以处理来自用户或程序可访问的命令行接口的URI，如果使用管道符号("|")通过命令行接口向Firefox传送了多个URI的话，就会在启动Firefox时在标签页中打开了URI。攻击者可以利用这个漏洞向Firefox传送应由其他应用所处理的URI。由于Firefox可能认为发送的URI来自于本地内容来源，因此远程内容可以绕过基于来源的安全限制。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-2933

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-2933

Please Login to view more intelligence information

http://www.mozilla.org/security/announce/2008/mfsa2008-35.htmlx_refsource_CONFIRM
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400x_refsource_CONFIRM
https://issues.rpath.com/browse/RPL-2683x_refsource_CONFIRM
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238x_refsource_CONFIRM
https://bugzilla.mozilla.org/show_bug.cgi?id=441120x_refsource_CONFIRM
http://www.securityfocus.com/bid/30242vdb-entryx_refsource_BID
http://secunia.com/advisories/31183third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31120third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31176third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34501third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31157third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31121third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/33433third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31306third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31145third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31129third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31270third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31261third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31106third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31377third-party-advisoryx_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1vendor-advisoryx_refsource_SUNALERT
http://www.securitytracker.com/id?1020500vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2008/dsa-1615vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2009/dsa-1697vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1614vendor-advisoryx_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/130923third-party-advisoryx_refsource_CERT-VN
http://www.ubuntu.com/usn/usn-623-1vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-626-2vendor-advisoryx_refsource_UBUNTU
http://www.ubuntu.com/usn/usn-626-1vendor-advisoryx_refsource_UBUNTU
http://www.vupen.com/english/advisories/2009/0977vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2008-0598.htmlvendor-advisoryx_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2008-0597.htmlvendor-advisoryx_refsource_REDHAT
http://security.gentoo.org/glsa/glsa-200808-03.xmlvendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDVSA-2008:148vendor-advisoryx_refsource_MANDRIVA
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974vendor-advisoryx_refsource_SLACKWARE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11618vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/archive/1/494860/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/43832vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-2933

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-2933

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-2933

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-2933

III. Intelligence Information for CVE-2008-2933

IV. Related Vulnerabilities

V. Comments for CVE-2008-2933

Leave a comment