10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.87 High
EPSS
Percentile
98.6%
Added: 12/31/2008
CVE: CVE-2008-0016
BID: 31397
OSVDB: 48780
Mozilla is a suite of Internet client products available for multiple platforms.
A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL.
Upgrade to Mozilla Firefox 2.0.0.17 or higher.
<http://www.mozilla.org/security/announce/2008/mfsa2008-37.html>
Exploit works on Mozilla Firefox 2.0.0.16 and requires a user to load the exploit page in Mozilla Firefox.
Windows
Linux
Mac OS