漏洞信息(CVE-2008-0416)

一、漏洞 CVE-2008-0416 基础信息

漏洞标题

N/A

来源：AIGC 神龙大模型

漏洞描述信息

在Mozilla Firefox 2.0.0.12之前、Thunderbird 2.0.0.12之前和SeaMonkey 1.1.8之前，Mozilla Firefox、Thunderbird和SeaMonkey都存在多个跨站脚本(XSS)漏洞，允许远程攻击者通过某些字符编码将任意的网页脚本或HTML注入到网页中，包括(1)回退字符，被视为空白字符；(2)Shift_JIS编码下的0x80;(3)某些亚洲字符集中的"零长度非ASCII序列"。

来源：AIGC 神龙大模型

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

来源：AIGC 神龙大模型

漏洞类别

N/A

来源：AIGC 神龙大模型

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allow remote attackers to inject arbitrary web script or HTML via certain character encodings, including (1) a backspace character that is treated as whitespace, (2) 0x80 with Shift_JIS encoding, and (3) "zero-length non-ASCII sequences" in certain Asian character sets.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Mozilla Firefox 跨站脚本漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Mozilla Firefox 2.0.0.12之前版本存在跨站脚本漏洞。攻击者利用该漏洞通过某些字符编码可以注入任意Web脚本或HTML。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

跨站脚本

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2008-0416 的公开POC

#	POC 描述	源链接	神龙链接

三、漏洞 CVE-2008-0416 的情报信息

http://www.mozilla.org/security/announce/2008/mfsa2008-13.html x_refsource_CONFIRM
https://bugzilla.mozilla.org/buglist.cgi?bug_id=404252%2C381412%2C407161 x_refsource_MISC
http://secunia.com/advisories/29541 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/28839 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/31043 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30620 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/28865 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/28879 third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/30327 third-party-advisory x_refsource_SECUNIA
http://www.securityfocus.com/bid/29303 vdb-entry x_refsource_BID
http://secunia.com/advisories/28864 third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 vendor-advisory x_refsource_SUNALERT
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1 vendor-advisory x_refsource_SUNALERT
http://www.debian.org/security/2008/dsa-1485 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1484 vendor-advisory x_refsource_DEBIAN
http://www.debian.org/security/2008/dsa-1489 vendor-advisory x_refsource_DEBIAN
http://www.us-cert.gov/cas/techalerts/TA08-087A.html third-party-advisory x_refsource_CERT
http://www.ubuntu.com/usn/usn-592-1 vendor-advisory x_refsource_UBUNTU
https://usn.ubuntu.com/576-1/ vendor-advisory x_refsource_UBUNTU
http://www.turbolinux.com/security/2008/TLSA-2008-9.txt vendor-advisory x_refsource_TURBO
http://jvn.jp/en/jp/JVN21563357/index.html third-party-advisory x_refsource_JVN
http://www.vupen.com/english/advisories/2008/1793/references vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2008/2091/references vdb-entry x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml vendor-advisory x_refsource_GENTOO
http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000021.html third-party-advisory x_refsource_JVNDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/40488 vdb-entry x_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-0416

一、 漏洞 CVE-2008-0416 基础信息

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2008-0416 的公开POC

三、漏洞 CVE-2008-0416 的情报信息

一、漏洞 CVE-2008-0416 基础信息