Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1380

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-1380
Last Modified 07 Mar 2011 10:07:00
Published 17 Apr 2008 03:05:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-1380

Summary

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.

Vulnerable Systems

Application

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.4

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.0.99

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.1

  • Mozilla Thunderbird 2.0.0.11

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.13

  • Mozilla Thunderbird 2.0.0.2

  • Mozilla Thunderbird 2.0.0.3

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.8

  • Mozilla Thunderbird 2.0.0.9


References

CERT-VN - VU#441529

SECUNIA - 29787

FEDORA - FEDORA-2008-3557

FEDORA - FEDORA-2008-3519

MISC - https://bugzilla.mozilla.org/show_bug.cgi?id=425576

VUPEN - ADV-2008-1793

VUPEN - ADV-2008-1251

SECTRACK - 1019873

BID - 28818

SUSE - SUSE-SR:2008:013

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

MANDRIVA - MDVSA-2008:110

GENTOO - GLSA-200805-18

DEBIAN - DSA-1696

SUNALERT - 238492

SLACKWARE - SSA:2008-191-03

GENTOO - GLSA-200808-03

SECUNIA - 33434

SECUNIA - 31377

SECUNIA - 31023

SECUNIA - 30717

SECUNIA - 30620

SECUNIA - 30192

SECUNIA - 29860

FEDORA - FEDORA-2008-3264

FEDORA - FEDORA-2008-3231

XF - mozilla-garbage-code-execution(41857)

UBUNTU - USN-602-1

BUGTRAQ - 20080508 FLEA-2008-0008-1 firefox

REDHAT - RHSA-2008:0224

REDHAT - RHSA-2008:0223

REDHAT - RHSA-2008:0222

DEBIAN - DSA-1562

DEBIAN - DSA-1558

DEBIAN - DSA-1555

SLACKWARE - SSA:2008-108-01

SECUNIA - 30327

SECUNIA - 30029

SECUNIA - 30012

SECUNIA - 29947

SECUNIA - 29912

SECUNIA - 29911

SECUNIA - 29908

SECUNIA - 29883

SECUNIA - 29828

SECUNIA - 29793

SUSE - SUSE-SR:2008:011

Related Patches

Novell SUSE 2008:5218 MozillaFirefox security update for SLE 10 SP1 i586


Last Updated: 27 May 2016 10:47:08