Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2008-0593

Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and read sensitive information from the original URL, such as with Single-Signon systems.

  • Published: Feb 9, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-0593
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
mozilla / firefox 1.5.2 1.5.2.x
mozilla / firefox 1.0.2 1.0.2.x
mozilla / firefox 0.2 0.2.x
mozilla / firefox 2.0 2.0.x
mozilla / firefox 1.5.0.12 1.5.0.12.x
mozilla / firefox 1.5.0.2 1.5.0.2.x
mozilla / firefox - 2.0.0.11.x
mozilla / firefox 2.0.0.1 2.0.0.1.x
mozilla / firefox 0.9.2 0.9.2.x
mozilla / firefox 2.0.0.10 2.0.0.10.x
mozilla / seamonkey 1.1.10 1.1.10.x
mozilla / seamonkey - -
mozilla / seamonkey 1.0.3 1.0.3.x
mozilla / seamonkey 1.0.1 1.0.1.x
mozilla / seamonkey 1.0.6 1.0.6.x
mozilla / seamonkey 1.0.9 1.0.9.x
mozilla / seamonkey 1.0 1.0.x
mozilla / seamonkey 1.0.99 1.0.99.x
mozilla / seamonkey 1.0.7 1.0.7.x
mozilla / seamonkey 1.0-beta 1.0-beta.x
mozilla / seamonkey - 1.1.17.x
mozilla / seamonkey 1.0-alpha 1.0-alpha.x
mozilla / seamonkey 1.1.12 1.1.12.x
mozilla / seamonkey 1.1 1.1.x
mozilla / seamonkey 1.1.14 1.1.14.x
mozilla / seamonkey 1.1.2 1.1.2.x
mozilla / seamonkey 1.0.2 1.0.2.x
mozilla / seamonkey 1.0.8 1.0.8.x
mozilla / seamonkey 1.1.11 1.1.11.x
mozilla / seamonkey 1.1.1 1.1.1.x
mozilla / seamonkey 1.0.5 1.0.5.x
mozilla / seamonkey 1.1.15 1.1.15.x
mozilla / seamonkey 1.1.16 1.1.16.x
mozilla / seamonkey 1.0.4 1.0.4.x
mozilla / seamonkey 1.1.13 1.1.13.x