Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5500

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-5500
Last Modified 30 Oct 2012 11:07:52
Published 17 Dec 2008 06:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5500

Summary

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

Vulnerable Systems

Application

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.9


References

MISC - https://bugzilla.mozilla.org/show_bug.cgi?id=464998

MISC - https://bugzilla.mozilla.org/show_bug.cgi?id=460803

XF - mozilla-layout-code-execution-var3(47406)

VUPEN - ADV-2009-0977

UBUNTU - USN-690-3

UBUNTU - USN-690-1

UBUNTU - USN-690-2

SECTRACK - 1021417

BID - 32882

REDHAT - RHSA-2009:0002

REDHAT - RHSA-2008:1037

REDHAT - RHSA-2008:1036

CONFIRM - http://www.mozilla.org/security/announce/2008/mfsa2008-60.html

MANDRIVA - MDVSA-2009:012

MANDRIVA - MDVSA-2008:245

MANDRIVA - MDVSA-2008:244

DEBIAN - DSA-1707

DEBIAN - DSA-1704

DEBIAN - DSA-1697

DEBIAN - DSA-1696

SUNALERT - 258748

SUNALERT - 256408

SECUNIA - 35080

SECUNIA - 34501

SECUNIA - 33547

SECUNIA - 33523

SECUNIA - 33434

SECUNIA - 33433

SECUNIA - 33421

SECUNIA - 33232

SECUNIA - 33231

SECUNIA - 33216

SECUNIA - 33205

SECUNIA - 33204

SECUNIA - 33203

SECUNIA - 33189

SECUNIA - 33188

SECUNIA - 33184

UBUNTU - USN-701-2

UBUNTU - USN-701-1

SECUNIA - 33415

SECUNIA - 33408

Related Patches

Novell SUSE 2008:5889 epiphany security update for SLE 10 SP2 i586

Mozilla Firefox 2.0.0.20 for Windows (Update)


Last Updated: 27 May 2016 10:49:48