Lucene search
Mozilla FoundationMFSA2008-54HistoryNov 12, 2008 - 12:00 a.m.
Buffer overflow in http-index-format parser — Mozilla
2008-11-1200:00:00
Mozilla Foundation
www.mozilla.org
27
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.158
Percentile
96.0%
Justin Schuh of the IBM X-Force reported a flaw in the way Mozilla parses the http-index-format MIME type. By sending a specially crafted 200 header line in the HTTP index response, an attacker can cause the browser to crash and run arbitrary code on the victim’s computer.
Affected configurations
Node
mozillafirefoxRange<2.0.0.18
ORmozillafirefoxRange<3.0.4
ORmozillaseamonkeyRange<1.1.13
Related
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:27:01
checkpoint_advisories
checkpoint_advisories
Update Protection against Mozilla Firefox nsDirIndexParser Overflow
2008-11-21 00:00:00
nvd
nvd
CVE-2008-0017
2008-11-13 11:30:01
CVE-2008-5020
2009-03-26 10:12:11
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-54
2008-11-14 00:00:00
Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities
2008-11-14 00:00:00
cvelist
cvelist
CVE-2008-0017
2008-11-13 11:00:00
cve
cve
CVE-2008-0017
2008-11-13 11:30:01
CVE-2008-5020
2009-03-26 10:12:11
prion
prion
Memory corruption
2008-11-13 11:30:00
Design/Logic Flaw
2009-03-26 10:12:00
ubuntucve
ubuntucve
CVE-2008-0017
2008-11-13 00:00:00
openvas
openvas
RedHat Update for firefox RHSA-2008:0978-01
2009-03-06 00:00:00
CentOS Update for firefox CESA-2008:0978 centos4 i386
2009-02-27 00:00:00
CentOS Update for firefox CESA-2008:0978 centos4 x86_64
2009-02-27 00:00:00
osv
osv
iceweasel - several vulnerabilities
2008-11-24 00:00:00
nessus
nessus
Oracle Linux 5 : firefox (ELSA-2008-0978)
2013-07-12 00:00:00
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2008:230)
2009-04-23 00:00:00
debian
debian
[SECURITY] [DSA 1671-1] New iceweasel packages fix several vulnerabilities
2008-11-24 21:36:25
centos
centos
devhelp, firefox, nss, xulrunner, yelp security update
2008-11-14 23:55:42
seamonkey security update
2008-11-13 06:38:44
seamonkey security update
2008-11-13 14:22:44
fedora
fedora
[SECURITY] Fedora 9 Update: xulrunner-1.9.0.4-1.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: devhelp-0.19.1-6.fc9
2008-11-14 12:52:41
[SECURITY] Fedora 9 Update: firefox-3.0.4-1.fc9
2008-11-14 12:52:41
oraclelinux
oraclelinux
firefox security update
2008-11-13 00:00:00
seamonkey security update
2008-11-13 00:00:00
redhat
redhat
(RHSA-2008:0978) Critical: firefox security update
2008-11-12 00:00:00
(RHSA-2008:0977) Critical: seamonkey security update
2008-11-12 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-11-13 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey
2008-11-26 16:19:10
ubuntu
ubuntu
Firefox and xulrunner vulnerabilities
2008-11-17 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.158
Percentile
96.0%
Related for MFSA2008-54