[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5500Date: (C)2008-12-17   (M)2024-02-09


The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1021417
SUNALERT-256408
SUNALERT-258748
BID-32882
SECUNIA-33184
SECUNIA-33188
SECUNIA-33189
SECUNIA-33203
SECUNIA-33204
SECUNIA-33205
SECUNIA-33216
SECUNIA-33231
SECUNIA-33232
SECUNIA-33408
SECUNIA-33415
SECUNIA-33421
SECUNIA-33433
SECUNIA-33434
SECUNIA-33523
SECUNIA-33547
SECUNIA-34501
SECUNIA-35080
ADV-2009-0977
DSA-1696
DSA-1697
DSA-1704
DSA-1707
MDVSA-2008:244
MDVSA-2008:245
MDVSA-2009:012
RHSA-2008:1036
RHSA-2008:1037
RHSA-2009:0002
USN-690-1
USN-690-2
USN-690-3
USN-701-1
USN-701-2
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
https://bugzilla.mozilla.org/show_bug.cgi?id=460803
https://bugzilla.mozilla.org/show_bug.cgi?id=464998
mozilla-layout-code-execution-var3(47406)
oval:org.mitre.oval:def:11053

CPE    9
cpe:/a:mozilla:thunderbird
cpe:/o:debian:debian_linux:4.0
cpe:/o:debian:debian_linux:5.0
cpe:/a:mozilla:seamonkey
...
CWE    1
CWE-399
OVAL    21
oval:org.secpod.oval:def:200409
oval:org.secpod.oval:def:600436
oval:org.secpod.oval:def:400064
oval:org.secpod.oval:def:700482
...

© SecPod Technologies