10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.963 High
EPSS
Percentile
99.5%
The Mozilla Foundation reports:
MFSA 2008-37UTF-8 URL stack buffer overflow
MFSA 2008-38nsXMLDocument::OnChannelRedirect() same-origin
violation
MFSA 2008-39Privilege escalation using feed preview page and
XSS flaw
MFSA 2008-40Forced mouse drag
MFSA 2008-41Privilege escalation via XPCnativeWrapper
pollution
MFSA 2008-42Crashes with evidence of memory corruption
(rv:1.9.0.2/1.8.1.17)
MFSA 2008-43BOM characters stripped from JavaScript before
execution
MFSA 2008-44resource: traversal vulnerabilities
MFSA 2008-45XBM image uninitialized memory reading
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 2.0.0.17,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 2.0.0.17 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 2.0.0.17 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 1.1.12 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 1.1.12 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 2.0.0.17 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 2.0.0.17 | UNKNOWN |
FreeBSD | any | noarch | flock | < 2.0 | UNKNOWN |
FreeBSD | any | noarch | linux-flock | < 2.0 | UNKNOWN |
www.mozilla.org/security/announce/2008/mfsa2008-37.html
www.mozilla.org/security/announce/2008/mfsa2008-38.html
www.mozilla.org/security/announce/2008/mfsa2008-39.html
www.mozilla.org/security/announce/2008/mfsa2008-40.html
www.mozilla.org/security/announce/2008/mfsa2008-41.html
www.mozilla.org/security/announce/2008/mfsa2008-42.html
www.mozilla.org/security/announce/2008/mfsa2008-43.html
www.mozilla.org/security/announce/2008/mfsa2008-44.html
www.mozilla.org/security/announce/2008/mfsa2008-45.html