Back to search
CVE-2008-0416
Published: Feb 12, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
TLSA-2008-9
vendor-advisory
x_refsource_TURBO
29541
third-party-advisory
x_refsource_SECUNIA
firefox-character-encoding-xss(40488)
vdb-entry
x_refsource_XF
JVNDB-2008-000021
third-party-advisory
x_refsource_JVNDB
30620
third-party-advisory
x_refsource_SECUNIA
28865
third-party-advisory
x_refsource_SECUNIA
28879
third-party-advisory
x_refsource_SECUNIA
30327
third-party-advisory
x_refsource_SECUNIA
238492
vendor-advisory
x_refsource_SUNALERT
USN-592-1
vendor-advisory
x_refsource_UBUNTU
DSA-1489
vendor-advisory
x_refsource_DEBIAN
239546
vendor-advisory
x_refsource_SUNALERT
28864
third-party-advisory
x_refsource_SECUNIA
DSA-1485
vendor-advisory
x_refsource_DEBIAN
ADV-2008-1793
vdb-entry
x_refsource_VUPEN
ADV-2008-2091
vdb-entry
x_refsource_VUPEN
JVN#21563357
third-party-advisory
x_refsource_JVN
TA08-087A
third-party-advisory
x_refsource_CERT
http://www.mozilla.org/security/announce/2008/mfsa2008-13.html
x_refsource_CONFIRM
DSA-1484
vendor-advisory
x_refsource_DEBIAN
29303
vdb-entry
x_refsource_BID
GLSA-200805-18
vendor-advisory
x_refsource_GENTOO
31043
third-party-advisory
x_refsource_SECUNIA
28839
third-party-advisory
x_refsource_SECUNIA
USN-576-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now