Lucene search

PRIOn knowledge basePRION:CVE-2008-1380

HistoryApr 17, 2008 - 7:05 p.m.

Code injection

2008-04-1719:05:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.047 Low

EPSS

Percentile

92.4%

JSON

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.

CPENameOperatorVersion
firefoxeq2.0.0.12
firefoxeq2.0.0.2
firefoxeq2.0.0.7
firefoxeq2.0.0.9
firefoxle2.0.0.13
firefoxeq2.0
firefoxeq2.0 beta1
firefoxeq2.0.0.3
firefoxeq2.0.0.6
firefoxeq2.0.0.11

Name	Operator	Version
firefox	eq	2.0.0.12
firefox	eq	2.0.0.2
firefox	eq	2.0.0.7
firefox	eq	2.0.0.9
firefox	le	2.0.0.13
firefox	eq	2.0
firefox	eq	2.0 beta1
firefox	eq	2.0.0.3
firefox	eq	2.0.0.6
firefox	eq	2.0.0.11

Rows per page:

1-10 of 491

References

lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

secunia.com/advisories/29787

secunia.com/advisories/29793

secunia.com/advisories/29828

secunia.com/advisories/29860

secunia.com/advisories/29883

secunia.com/advisories/29908

secunia.com/advisories/29911

secunia.com/advisories/29912

secunia.com/advisories/29947

secunia.com/advisories/30012

secunia.com/advisories/30029

secunia.com/advisories/30192

secunia.com/advisories/30327

secunia.com/advisories/30620

secunia.com/advisories/30717

secunia.com/advisories/31023

secunia.com/advisories/31377

secunia.com/advisories/33434

security.gentoo.org/glsa/glsa-200808-03.xml

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.391769

sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1

www.debian.org/security/2008/dsa-1555

www.debian.org/security/2008/dsa-1558

www.debian.org/security/2008/dsa-1562

www.debian.org/security/2009/dsa-1696

www.gentoo.org/security/en/glsa/glsa-200805-18.xml

www.kb.cert.org/vuls/id/441529

www.mandriva.com/security/advisories?name=MDVSA-2008:110

www.mozilla.org/security/announce/2008/mfsa2008-20.html

www.novell.com/linux/security/advisories/2008_13_sr.html

www.redhat.com/support/errata/RHSA-2008-0222.html

www.redhat.com/support/errata/RHSA-2008-0223.html

www.redhat.com/support/errata/RHSA-2008-0224.html

www.securityfocus.com/archive/1/491838/100/0/threaded

www.securityfocus.com/bid/28818

www.securitytracker.com/id?1019873

www.ubuntu.com/usn/usn-602-1

www.vupen.com/english/advisories/2008/1251/references

www.vupen.com/english/advisories/2008/1793/references

bugzilla.mozilla.org/show_bug.cgi?id=425576

exchange.xforce.ibmcloud.com/vulnerabilities/41857

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10752

www.redhat.com/archives/fedora-package-announce/2008-April/msg00407.html

www.redhat.com/archives/fedora-package-announce/2008-April/msg00463.html

www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html

www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html

6.7 Medium

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.047 Low

EPSS

Percentile

92.4%

JSON

Related for PRION:CVE-2008-1380