Lucene search

K
nvd[email protected]NVD:CVE-2008-0413
HistoryFeb 08, 2008 - 10:00 p.m.

CVE-2008-0413

2008-02-0822:00:00
CWE-399
web.nvd.nist.gov
2

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

0.338

Percentile

97.1%

The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.

Affected configurations

NVD
Node
mozillafirefoxRange2.0.0.11
OR
mozillaseamonkeyRange1.1.7
OR
mozillathunderbirdRange2.0.0.11

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.7

Confidence

High

EPSS

0.338

Percentile

97.1%