Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-1380
HistoryApr 17, 2008 - 12:00 a.m.

CVE-2008-1380

2008-04-1700:00:00
ubuntu.com
ubuntu.com
6

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.047 Low

EPSS

Percentile

92.5%

JSON

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird
before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to
cause a denial of service (garbage collector crash) and possibly have other
impacts via a crafted web page. NOTE: this is due to an incorrect fix for
CVE-2008-1237.

Notes

Author Note
jdstrand thunderbird has the proper fix for CVE-2008-1237 in 2.0.0.14 and never had this issue
OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchfirefox<Β 1.5.dfsg+1.5.0.15~prepatch080417a-0ubuntu1UNKNOWN
ubuntu6.10noarchfirefox<Β 2.0.0.14+0nobinonly-0ubuntu0.6.10UNKNOWN
ubuntu7.04noarchfirefox<Β 2.0.0.14+1nobinonly-0ubuntu0.7.4UNKNOWN
ubuntu7.10noarchfirefox<Β 2.0.0.14+2nobinonly-0ubuntu0.7.10UNKNOWN
ubuntu8.04noarchfirefox<Β 2.0.0.14+2nobinonly-0ubuntu1UNKNOWN
ubuntu8.04noarchseamonkey<Β 1.1.12+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchseamonkey<Β 1.1.11+nobinonly-0ubuntu1UNKNOWN
ubuntu7.10noarchxulrunner<Β 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1UNKNOWN
ubuntu8.04noarchxulrunner<Β 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchxulrunner<Β 1.8.1.14+nobinonly-1ubuntu1UNKNOWN

Related

freebsd 1
nessus 38
prion 2
cert 1
openvas 81
cve 2
securityvulns 3
mozilla 2
fedora 44
osv 3
centos 4
oraclelinux 3
seebug 1
veracode 2
ubuntucve 1
debian 4
redhat 3
slackware 2
ubuntu 2
freebsd
freebsd
firefox -- javascript garbage collector vulnerability
2008-04-16 00:00:00
nessus
nessus
FreeBSD : firefox -- javascript garbage collector vulnerability (67bd39ba-12b5-11dd-bab7-0016179b2dd5)
2008-04-28 00:00:00
SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5218)
2008-05-01 00:00:00
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5219)
2008-05-01 00:00:00
prion
prion
Code injection
2008-04-17 19:05:00
Code injection
2008-03-27 10:44:00
cert
cert
Mozilla Firefox JavaScript engine fails to properly handle garbage collection
2008-04-18 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
RedHat Update for thunderbird RHSA-2008:0224-01
2009-03-06 00:00:00
Fedora Update for kazehakase FEDORA-2008-3249
2009-02-17 00:00:00
cve
cve
CVE-2008-1380
2008-04-17 19:05:00
CVE-2008-1237
2008-03-27 10:44:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-20
2008-04-18 00:00:00
Mozilla Firefox memory corruption
2008-04-18 00:00:00
Mozilla Foundation Security Advisory 2008-15
2008-03-26 00:00:00
mozilla
mozilla
Crash in JavaScript garbage collector β€” Mozilla
2008-04-16 00:00:00
Crashes with evidence of memory corruption (rv:1.8.1.13) β€” Mozilla
2008-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: epiphany-2.18.3-9.fc7
2008-04-22 22:40:41
[SECURITY] Fedora 7 Update: openvrml-0.16.7-5.fc7
2008-04-22 22:40:41
[SECURITY] Fedora 7 Update: firefox-2.0.0.14-1.fc7
2008-04-22 22:40:41
osv
osv
iceape - arbitrary code execution
2008-04-28 00:00:00
xulrunner - arbitrary code execution
2008-04-24 00:00:00
iceweasel - arbitrary code execution
2008-04-23 00:00:00
centos
centos
seamonkey security update
2008-04-17 15:54:11
seamonkey security update
2008-04-18 00:18:42
firefox security update
2008-04-19 13:20:35
oraclelinux
oraclelinux
seamonkey security update
2008-04-17 00:00:00
thunderbird security update
2008-04-30 00:00:00
firefox security update
2008-04-17 00:00:00
seebug
seebug
Mozilla Firefox JavaScriptεžƒεœΎζ”Άι›†ε™¨ε†…ε­˜η ΄εζΌζ΄ž
2008-04-19 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:22:21
Arbitrary Code Execution
2020-04-10 00:20:49
ubuntucve
ubuntucve
CVE-2008-1237
2008-03-27 00:00:00
debian
debian
[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution
2008-04-28 19:47:46
[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution
2008-04-23 17:54:24
[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution
2008-04-24 21:21:53
redhat
redhat
(RHSA-2008:0222) Critical: firefox security update
2008-04-16 00:00:00
(RHSA-2008:0224) Moderate: thunderbird security update
2008-04-30 00:00:00
(RHSA-2008:0223) Critical: seamonkey security update
2008-04-16 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2008-04-17 22:44:04
[slackware-security] mozilla-thunderbird
2008-05-08 03:53:40
ubuntu
ubuntu
Firefox vulnerabilities
2008-04-22 00:00:00
Thunderbird vulnerabilities
2008-05-06 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.047 Low

EPSS

Percentile

92.5%

JSON
Related for UB:CVE-2008-1380
freebsd1nessus38prion2cert1openvas81cve2securityvulns3mozilla2fedora44osv3centos4oraclelinux3seebug1veracode2ubuntucve1debian4redhat3slackware2ubuntu2