CVE-2008-5506

N/A Unknown
Published: December 17, 2008 Modified: April 23, 2026
View on NVD

Description

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-controlled resource that uses a 302 redirect to a resource in a different domain, then reading content from the response, aka "response disclosure."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/33184
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33188
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33189
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33203
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33204
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33205
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33216
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33231
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33232
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33408
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33415
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33421
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33433
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33434
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33523
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33547
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/34501
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/35080
Source: secalert@redhat.com
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Source: secalert@redhat.com
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
Source: secalert@redhat.com
Broken Link
http://www.debian.org/security/2009/dsa-1696
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1704
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1707
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
Source: secalert@redhat.com
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
Source: secalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Source: secalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/32882
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021427
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=458248
Source: secalert@redhat.com
Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47412
Source: secalert@redhat.com
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10512
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/690-1/
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/690-3/
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33184
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33188
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33189
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33203
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33204
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33205
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33216
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33231
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33232
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33408
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33415
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33421
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33433
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33434
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33523
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33547
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/34501
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/35080
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.debian.org/security/2009/dsa-1696
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1704
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1707
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/32882
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021427
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=458248
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47412
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10512
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/690-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/690-3/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

84 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.5%
67th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-264

Affected Vendors

debian canonical mozilla

Related CVEs

CVE-2026-6175 N/A
CVE-2026-42171 7.8
CVE-2026-41488 3.1
CVE-2026-41481 6.5
CVE-2026-41478 9.9