Lucene search

[email protected]CVE-2008-5715

HistoryDec 24, 2008 - 6:29 p.m.

CVE-2008-5715

2008-12-2418:29:15

CWE-20

[email protected]

web.nvd.nist.gov

mozilla firefox

denial of service

cve-2008-5715

nvd

javascript

windows vista

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.

Affected configurations

NVD

Node

mozillafirefoxMatch3.0.5

AND

microsoftwindows_vistagold

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq3.0.5

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	3.0.5

References

osvdb.org/51032

securityreason.com/securityalert/4807

websecurity.com.ua/3424/

www.securityfocus.com/archive/1/506006/100/0/threaded

www.securityfocus.com/bid/32988

exchange.xforce.ibmcloud.com/vulnerabilities/47572

www.exploit-db.com/exploits/7554

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Related for CVE-2008-5715

ubuntucve2 seebug1 prion4 redhatcve1 cvelist4 nvd4 openvas2 cve3 debiancve1