CVE-2008-5508

N/A Unknown
Published: December 17, 2008 Modified: April 23, 2026
View on NVD

Description

Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent URLs and simplify phishing attacks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/33184
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33188
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33189
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33203
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33204
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33205
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33216
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33231
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33408
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33415
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33421
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33433
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33434
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33523
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33547
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/34501
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/35080
Source: secalert@redhat.com
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Source: secalert@redhat.com
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
Source: secalert@redhat.com
Broken Link
http://www.debian.org/security/2009/dsa-1696
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1704
Source: secalert@redhat.com
Third Party Advisory
http://www.debian.org/security/2009/dsa-1707
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Source: secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
Source: secalert@redhat.com
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
Source: secalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Source: secalert@redhat.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Source: secalert@redhat.com
Third Party Advisory
http://www.securityfocus.com/bid/32882
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021426
Source: secalert@redhat.com
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1
Source: secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2
Source: secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977
Source: secalert@redhat.com
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=425046
Source: secalert@redhat.com
Issue Tracking Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=460803
Source: secalert@redhat.com
Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47414
Source: secalert@redhat.com
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11040
Source: secalert@redhat.com
Third Party Advisory
https://usn.ubuntu.com/690-1/
Source: secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/33184
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33188
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33189
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33203
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33204
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33205
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33216
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33231
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33408
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33415
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33421
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33433
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33434
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33523
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/33547
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/34501
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/35080
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.debian.org/security/2009/dsa-1696
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1704
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2009/dsa-1707
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:244
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:245
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:012
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-1036.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-1037.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2009-0002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/32882
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1021426
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-690-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-701-2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2009/0977
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=425046
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=460803
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/47414
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11040
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://usn.ubuntu.com/690-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

82 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.2%
84th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

debian canonical mozilla

Related CVEs

CVE-2026-6175 N/A
CVE-2026-42171 7.8
CVE-2026-41488 3.1
CVE-2026-41481 6.5
CVE-2026-41478 9.9