Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

SAINT CorporationSAINT:0031E27CA856C276125BCE6F9D38D6B6

HistoryDec 31, 2008 - 12:00 a.m.

Mozilla Firefox UTF-8 URL buffer overflow

Vulners
Saint
Mozilla Firefox UTF-8 URL buffer overflow

2008-12-3100:00:00

SAINT Corporation

my.saintcorporation.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.87 High

EPSS

Percentile

98.6%

JSON

Added: 12/31/2008
CVE: CVE-2008-0016
BID: 31397
OSVDB: 48780

Background

Mozilla is a suite of Internet client products available for multiple platforms.

Problem

A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL.

Resolution

Upgrade to Mozilla Firefox 2.0.0.17 or higher.

References

<http://www.mozilla.org/security/announce/2008/mfsa2008-37.html>

Limitations

Exploit works on Mozilla Firefox 2.0.0.16 and requires a user to load the exploit page in Mozilla Firefox.

Platforms

Windows
Linux
Mac OS

cve 1

saint 3

checkpoint_advisories 2

veracode 1

nvd 1

securityvulns 2

prion 1

seebug 3

mozilla 1

canvas 1

packetstorm 1

exploitpack 1

cvelist 1

ubuntucve 1

exploitdb 1

openvas 61

oraclelinux 2

fedora 4

nessus 38

centos 3

redhat 2

debian 4

osv 4

freebsd 1

ubuntu 3

suse 2

gentoo 1

cve

CVE-2008-0016

2008-09-24 20:37:04

saint

Mozilla Firefox UTF-8 URL buffer overflow

2008-12-31 00:00:00

Mozilla Firefox UTF-8 URL buffer overflow

2008-12-31 00:00:00

Mozilla Firefox UTF-8 URL buffer overflow

2008-12-31 00:00:00

checkpoint_advisories

Firefox HTML URL Unicode Stack Buffer Overflow - Ver2 (CVE-2008-0016)

2014-03-03 00:00:00

Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow - Improved Performance (CVE-2008-0016)

2009-12-13 00:00:00

veracode

Arbitrary Code Execution

2020-04-10 00:25:28

nvd

CVE-2008-0016

2008-09-24 20:37:04

securityvulns

Mozilla Foundation Security Advisory 2008-37

2008-09-29 00:00:00

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

2008-09-30 00:00:00

prion

Stack overflow

2008-09-24 20:37:00

seebug

Mozilla Firefox/SeaMonkey UTF-8基于栈的缓冲区溢出漏洞

2008-09-27 00:00:00

Mozilla Firefox 2.0.0.16 UTF-8 URL Remote Buffer Overflow Exploit

2009-09-16 00:00:00

Mozilla Firefox/SeaMonkey/Thunderbird多个远程漏洞

2008-09-25 00:00:00

mozilla

UTF-8 URL stack buffer overflow — Mozilla

2008-09-23 00:00:00

canvas

Immunity Canvas: FIREFOX_UTF8

2008-09-24 20:37:00

packetstorm

Mozilla Firefox 2.0.0.16 Buffer Overflow

2009-09-15 00:00:00

exploitpack

Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow

2009-09-14 00:00:00

cvelist

CVE-2008-0016

2008-09-24 18:00:00

ubuntucve

CVE-2008-0016

2008-09-24 00:00:00

exploitdb

Mozilla Firefox 2.0.0.16 - UTF-8 URL Remote Buffer Overflow

2009-09-14 00:00:00

openvas

Mandriva Update for mozilla-thunderbird MDVSA-2008:206 (mozilla-thunderbird)

2009-04-09 00:00:00

CentOS Update for thunderbird CESA-2008:0908 centos4 x86_64

2009-02-27 00:00:00

RedHat Update for thunderbird RHSA-2008:0908-01

2009-03-06 00:00:00

oraclelinux

thunderbird security update

2008-10-01 00:00:00

seamonkey security update

2008-09-24 00:00:00

fedora

[SECURITY] Fedora 8 Update: seamonkey-1.1.12-1.fc8

2008-09-28 18:41:42

[SECURITY] Fedora 9 Update: seamonkey-1.1.12-1.fc9

2008-09-28 18:44:23

[SECURITY] Fedora 9 Update: thunderbird-2.0.0.18-1.fc9

2008-11-21 11:04:30

nessus

Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2008:206)

2009-04-23 00:00:00

Scientific Linux Security Update : thunderbird on SL4.x, SL5.x i386/x86_64

2012-08-01 00:00:00

Oracle Linux 4 : thunderbird (ELSA-2008-0908)

2013-07-12 00:00:00

centos

seamonkey security update

2008-09-24 14:22:25

thunderbird security update

2008-10-03 18:55:22

seamonkey security update

2008-09-24 23:08:13

redhat

(RHSA-2008:0908) Moderate: thunderbird security update

2008-10-01 00:00:00

(RHSA-2008:0882) Critical: seamonkey security update

2008-09-23 00:00:00

debian

[SECURITY] [DSA 1649-1] New iceweasel packages fix several vulnerabilities

2008-10-08 20:15:55

[SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities

2008-11-23 20:29:40

[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilities

2009-01-07 21:32:09

osv

iceweasel - several vulnerabilities

2008-10-08 00:00:00

xulrunner - several vulnerabilities

2008-11-23 00:00:00

icedove - several vulnerabilities

2009-01-07 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2008-09-24 00:00:00

ubuntu

Firefox and xulrunner regression

2008-09-25 00:00:00

Firefox and xulrunner vulnerabilities

2008-09-24 00:00:00

Firefox vulnerabilities

2008-09-24 00:00:00

suse

remote code execution in MozillaFirefox,MozillaThunderbird,seamonkey,mozilla

2008-10-08 17:24:56

Firefox update to 31.1esr (important)

2014-09-09 18:04:16

gentoo

Mozilla Products: Multiple vulnerabilities

2013-01-08 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.87 High

EPSS

Percentile

98.6%

JSON

Related for SAINT:0031E27CA856C276125BCE6F9D38D6B6