CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
89.6%
The AppendAttributeValue function in the JavaScript engine in Mozilla
Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey
1.x before 1.1.13 allows remote attackers to cause a denial of service
(crash) via unknown vectors that trigger memory corruption, as demonstrated
by e4x/extensions/regress-410192.js.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 | UNKNOWN |
ubuntu | 7.10 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.7.10 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.4+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1 | UNKNOWN |
ubuntu | 8.04 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.04.2 | UNKNOWN |
ubuntu | 8.10 | noarch | seamonkey | < 1.1.15+nobinonly-0ubuntu0.8.10.2 | UNKNOWN |
ubuntu | 7.10 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.7.10.1 | UNKNOWN |
ubuntu | 8.04 | noarch | thunderbird | < 2.0.0.18+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |