CVE-2008-0419

Severity

93%

Complexity

86%

Confidentiality

165%

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Mozilla

First reported 17 years ago

2008-02-08 22:00:00

Last updated 6 years ago

2018-10-15 22:00:00

Affected Software

Mozilla Firefox

Mozilla SeaMonkey

References

http://browser.netscape.com/releasenotes/

SUSE-SA:2008:008

28754

Vendor Advisory

28758

Vendor Advisory

28766

Vendor Advisory

28808

Vendor Advisory

28815

Vendor Advisory

28818

Vendor Advisory

28839

Vendor Advisory

28864

Vendor Advisory

28865

Vendor Advisory

28877

Vendor Advisory

28879

Vendor Advisory

28924

Vendor Advisory

28939

Vendor Advisory

28958

Vendor Advisory

29049

Vendor Advisory

29086

Vendor Advisory

29164

Vendor Advisory

29167

Vendor Advisory

29567

Vendor Advisory

30327

30620

238492

http://support.novell.com/techcenter/psdb/6251b18e050302ebe7fe74294b55c818.html

http://wiki.rpath.com/Advisories:rPSA-2008-0051

http://wiki.rpath.com/Advisories:rPSA-2008-0093

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0093

DSA-1484

DSA-1485

DSA-1489

DSA-1506

GLSA-200805-18

VU#879056

US Government Resource

MDVSA-2008:048

http://www.mozilla.org/security/announce/2008/mfsa2008-06.html

RHSA-2008:0103

Vendor Advisory

RHSA-2008:0104

Vendor Advisory

RHSA-2008:0105

Vendor Advisory

20080209 rPSA-2008-0051-1 firefox

20080212 FLEA-2008-0001-1 firefox

20080229 rPSA-2008-0093-1 thunderbird

27683

1019328

USN-576-1

ADV-2008-0453

ADV-2008-0627

ADV-2008-1793

https://bugzilla.mozilla.org/show_bug.cgi?id=400556

https://issues.rpath.com/browse/RPL-1995

oval:org.mitre.oval:def:11652

FEDORA-2008-1435

FEDORA-2008-1459

FEDORA-2008-1535

FEDORA-2008-2060

FEDORA-2008-2118

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.