SUSE CVE-2008-5014

🗓️ 15 Feb 2023 06:06:34Reported by Suse CVEType

Remote crash and possible code execution in Firefox, Thunderbird, and SeaMonkey by modifying window.__proto__.__proto__ triggers an OBJ_IS_NATIVE assertion.

Reporter	Title	Published	Views	Family All 280
Tenable Nessus	Mozilla Firefox < 2.0.0.18 Multiple Vulnerabilities	13 Nov 200800:00	–	nessus
Tenable Nessus	Mozilla Firefox 3.x < 3.0.4 Multiple Vulnerabilities	13 Nov 200800:00	–	nessus
Tenable Nessus	SeaMonkey < 1.1.13 Multiple Vulnerabilities	13 Nov 200800:00	–	nessus
Tenable Nessus	Mozilla Thunderbird < 2.0.0.18 Multiple Vulnerabilities	20 Nov 200800:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : thunderbird (CESA-2008:0976)	6 Jan 201000:00	–	nessus
Tenable Nessus	CentOS 3 / 4 : seamonkey (CESA-2008:0977)	23 Apr 200900:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : firefox (CESA-2008:0978)	6 Jan 201000:00	–	nessus
Tenable Nessus	Debian DSA-1669-1 : xulrunner - several vulnerabilities	24 Nov 200800:00	–	nessus
Tenable Nessus	Debian DSA-1671-1 : iceweasel - several vulnerabilities	25 Nov 200800:00	–	nessus
Tenable Nessus	Debian DSA-1696-1 : icedove - several vulnerabilities	8 Jan 200900:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	mozillathunderbird	91.1.1-1.1	MozillaThunderbird-91.1.1-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	mozillathunderbird-translations-common	91.1.1-1.1	MozillaThunderbird-translations-common-91.1.1-1.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	mozillathunderbird-translations-other	91.1.1-1.1	MozillaThunderbird-translations-other-91.1.1-1.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2008-5014
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/439841
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/7SM6VOPQZCMJZEWQJBG42GCCXMJKKVXN/
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE/

25 Apr 2025 14:27Current

9High risk

Vulners AI Score9

CVSS 210

EPSS0.25205