National Vulnerability Database (NVD) National Vulnerability Database (CVE-2008-4582)

National Cyber Awareness System

Vulnerability Summary for CVE-2008-4582

Original release date:10/15/2008

Last revised:10/31/2012

Source: US-CERT/NIST

Overview

Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via an HTML document that is directly accessible through a filesystem, as demonstrated by documents in (1) local folders, (2) Windows share folders, and (3) RAR archives, and as demonstrated by IFRAMEs referencing shortcuts that point to (a) about:cache?device=memory and (b) about:cache?device=disk, a variant of CVE-2008-2810.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:N/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Allows unauthorized disclosure of information

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Technical Alert: TA08-319A

Name: TA08-319A

Hyperlink:http://www.us-cert.gov/cas/techalerts/TA08-319A.html

External Source: FEDORA

Name: FEDORA-2008-9669

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html

External Source: FEDORA

Name: FEDORA-2008-9667

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html

External Source: MISC

Name: https://bugzilla.mozilla.org/show_bug.cgi?id=455311

Hyperlink:https://bugzilla.mozilla.org/show_bug.cgi?id=455311

External Source: XF

Name: firefox-internet-shortcut-info-disclosure(45740)

Hyperlink:http://xforce.iss.net/xforce/xfdb/45740

External Source: VUPEN

Name: ADV-2009-0977

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2009/0977

External Source: VUPEN

Name: ADV-2008-2818

Type: Advisory

Hyperlink:http://www.vupen.com/english/advisories/2008/2818

External Source: SECTRACK

Name: 1021190

Hyperlink:http://www.securitytracker.com/id?1021190

External Source: BID

Name: 31747

Hyperlink:http://www.securityfocus.com/bid/31747

External Source: BID

Name: 31611

Hyperlink:http://www.securityfocus.com/bid/31611

External Source: BUGTRAQ

Name: 20081007 Firefox Privacy Broken If Used to Open Web Page File

Hyperlink:http://www.securityfocus.com/archive/1/archive/1/497091/100/0/threaded

External Source: CONFIRM

Name: http://www.mozilla.org/security/announce/2008/mfsa2008-47.html

Hyperlink:http://www.mozilla.org/security/announce/2008/mfsa2008-47.html

External Source: DEBIAN

Name: DSA-1697

Hyperlink:http://www.debian.org/security/2009/dsa-1697

External Source: DEBIAN

Name: DSA-1696

Hyperlink:http://www.debian.org/security/2009/dsa-1696

External Source: DEBIAN

Name: DSA-1671

Hyperlink:http://www.debian.org/security/2008/dsa-1671

External Source: DEBIAN

Name: DSA-1669

Hyperlink:http://www.debian.org/security/2008/dsa-1669

External Source: UBUNTU

Name: USN-667-1

Hyperlink:http://ubuntu.com/usn/usn-667-1

External Source: SUNALERT

Name: 256408

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

External Source: SECTRACK

Name: 1021212

Hyperlink:http://securitytracker.com/alerts/2008/Nov/1021212.html

External Source: SECTRACK

Name: 1021190

Hyperlink:http://securitytracker.com/alerts/2008/Nov/1021190.html

External Source: SREASON

Name: 4416

Hyperlink:http://securityreason.com/securityalert/4416

External Source: SECUNIA

Name: 34501

Type: Advisory

Hyperlink:http://secunia.com/advisories/34501

External Source: SECUNIA

Name: 33434

Type: Advisory

Hyperlink:http://secunia.com/advisories/33434

External Source: SECUNIA

Name: 33433

Type: Advisory

Hyperlink:http://secunia.com/advisories/33433

External Source: SECUNIA

Name: 32853

Hyperlink:http://secunia.com/advisories/32853

External Source: SECUNIA

Name: 32845

Type: Advisory

Hyperlink:http://secunia.com/advisories/32845

External Source: SECUNIA

Name: 32778

Hyperlink:http://secunia.com/advisories/32778

External Source: SECUNIA

Name: 32721

Type: Advisory

Hyperlink:http://secunia.com/advisories/32721

External Source: SECUNIA

Name: 32714

Type: Advisory

Hyperlink:http://secunia.com/advisories/32714

External Source: SECUNIA

Name: 32693

Type: Advisory

Hyperlink:http://secunia.com/advisories/32693

External Source: SECUNIA

Name: 32684

Hyperlink:http://secunia.com/advisories/32684

External Source: SECUNIA

Name: 32192

Type: Advisory

Hyperlink:http://secunia.com/advisories/32192

External Source: MISC

Name: http://liudieyu0.blog124.fc2.com/blog-entry-6.html

Hyperlink:http://liudieyu0.blog124.fc2.com/blog-entry-6.html

Vulnerable software and versions

Configuration 1

AND

* cpe:/a:mozilla:firefox:3.0.1

* cpe:/a:mozilla:firefox:3.0.3

* cpe:/a:mozilla:firefox:3.0.2

cpe:/o:microsoft:windows

Configuration 2

AND

* cpe:/a:mozilla:firefox:2.0

* cpe:/a:mozilla:firefox:2.0.0.1

* cpe:/a:mozilla:firefox:2.0.0.10

* cpe:/a:mozilla:firefox:2.0.0.11

* cpe:/a:mozilla:firefox:2.0.0.12

* cpe:/a:mozilla:firefox:2.0.0.13

* cpe:/a:mozilla:firefox:2.0.0.14

* cpe:/a:mozilla:firefox:2.0.0.15

* cpe:/a:mozilla:firefox:2.0.0.16

* cpe:/a:mozilla:firefox:2.0.0.17

cpe:/o:microsoft:windows

Configuration 3

AND

* cpe:/a:mozilla:seamonkey:1.0.9

* cpe:/a:mozilla:seamonkey:1.0.8

* cpe:/a:mozilla:seamonkey:1.0.7

* cpe:/a:mozilla:seamonkey:1.0.6

* cpe:/a:mozilla:seamonkey:1.0.5

* cpe:/a:mozilla:seamonkey:1.0.4

* cpe:/a:mozilla:seamonkey:1.0.3

* cpe:/a:mozilla:seamonkey:1.0.2

* cpe:/a:mozilla:seamonkey:1.0.1

* cpe:/a:mozilla:seamonkey:1.0

* cpe:/a:mozilla:seamonkey:1.0:alpha

* cpe:/a:mozilla:seamonkey:1.0:beta

* cpe:/a:mozilla:seamonkey:1.1

* cpe:/a:mozilla:seamonkey:1.1.1

* cpe:/a:mozilla:seamonkey:1.1.10

* cpe:/a:mozilla:seamonkey:1.1.11

* cpe:/a:mozilla:seamonkey:1.1.12

* cpe:/a:mozilla:seamonkey:1.1:beta

* cpe:/a:mozilla:seamonkey:1.1:alpha

* cpe:/a:mozilla:seamonkey:1.1::beta

* cpe:/a:mozilla:seamonkey:1.1::alpha

* cpe:/a:mozilla:seamonkey:1.1.9

* cpe:/a:mozilla:seamonkey:1.1.8

* cpe:/a:mozilla:seamonkey:1.1.7

* cpe:/a:mozilla:seamonkey:1.1.6

* cpe:/a:mozilla:seamonkey:1.1.5

* cpe:/a:mozilla:seamonkey:1.1.4

* cpe:/a:mozilla:seamonkey:1.1.3

* cpe:/a:mozilla:seamonkey:1.1.2

cpe:/o:microsoft:windows

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Permissions, Privileges, and Access Control (CWE-264)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4582