Lucene search

[email protected]NVD:CVE-2008-2419

HistoryMay 23, 2008 - 3:32 p.m.

CVE-2008-2419

2008-05-2315:32:00

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

0.015

Percentile

86.9%

JSON

Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a ‘src=“javascript:”’ sequence.

Affected configurations

Nvd

Node

mozillafirefoxMatch2.0.0.14

VendorProductVersionCPE
mozillafirefox2.0.0.14cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	2.0.0.14	cpe:2.3:a:mozilla:firefox:2.0.0.14:::::::*

References

www.0x000000.com/?i=576

www.securityfocus.com/bid/29318

exchange.xforce.ibmcloud.com/vulnerabilities/42589

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

0.015

Percentile

86.9%

JSON

Related for NVD:CVE-2008-2419

prion1 ubuntucve1 exploitdb1 cvelist1 cve1