CVE-2008-5017

2008-11-13 12:30:01 2018-11-02 14:48:00

Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Debian GNU/Linux 4.0 Canonical Ubuntu Linux 8.10 Canonical Ubuntu linux 8.04 ~~lts~~~ (not an official CPE) Canonical Ubuntu Linux 7.10 Canonical Ubuntu linux 6.06 ~~lts~~~ (not an official CPE)

Mozilla Thunderbird 2.0.0.17 Mozilla Thunderbird 2.0.0.16 Mozilla Thunderbird 2.0.0.15 Mozilla Thunderbird 2.0.0.14 Mozilla Thunderbird 2.0.0.13 Mozilla Thunderbird 2.0.0.12 Mozilla Thunderbird 2.0.0.11 Mozilla Thunderbird 2.0.0.9 Mozilla Thunderbird 2.0.0.8 Mozilla Thunderbird 2.0.0.7 Mozilla Thunderbird 2.0.0.6 Mozilla Thunderbird 2.0.0.5 Mozilla Thunderbird 2.0.0.4 Mozilla Thunderbird 2.0.0.3 Mozilla Thunderbird 2.0.0.2 Mozilla Thunderbird 2.0.0.1 Mozilla Thunderbird 2.0.0.0 Mozilla Thunderbird 2.0 Mozilla SeaMonkey 1.1.12 Mozilla SeaMonkey 1.1.11 Mozilla SeaMonkey 1.1.10 Mozilla SeaMonkey 1.1.9 Mozilla SeaMonkey 1.1.8 Mozilla Seamonkey 1.1.7 Mozilla Seamonkey 1.1.6 Mozilla Seamonkey 1.1.5 Mozilla Seamonkey 1.1.4 Mozilla Seamonkey 1.1.3 Mozilla Seamonkey 1.1.2 Mozilla Seamonkey 1.1.1 Mozilla SeaMonkey 1.1 beta Mozilla SeaMonkey 1.1 alpha Mozilla Seamonkey 1.1 Beta (not an official CPE) Mozilla Seamonkey 1.1 Alpha (not an official CPE) Mozilla SeaMonkey 1.1 Mozilla SeaMonkey 1.0.9 Mozilla SeaMonkey 1.0.8 Mozilla SeaMonkey 1.0.7 Mozilla SeaMonkey 1.0.6 Mozilla SeaMonkey 1.0.5 Mozilla SeaMonkey 1.0.4 Mozilla SeaMonkey 1.0.3 Mozilla SeaMonkey 1.0.2 Mozilla SeaMonkey 1.0.1 Mozilla SeaMonkey 1.0 beta Mozilla SeaMonkey 1.0 alpha Mozilla SeaMonkey 1.0 Mozilla Firefox 3.0.3 Mozilla Firefox 3.0.2 Mozilla Firefox 3.0.1 Mozilla Firefox 3.0 Mozilla Firefox 2.0.0.17 Mozilla Firefox 2.0.0.16 Mozilla Firefox 2.0.0.15 Mozilla Firefox 2.0.0.14 Mozilla Firefox 2.0.0.13 Mozilla Firefox 2.0.0.12 Mozilla Firefox 2.0.0.11 Mozilla Firefox 2.0.0.10 Mozilla Firefox 2.0.0.9 Mozilla Firefox 2.0.0.8 Mozilla Firefox 2.0.0.7 Mozilla Firefox 2.0.0.6 Mozilla Firefox 2.0.0.5 Mozilla Firefox 2.0.0.4 Mozilla Firefox 2.0.0.3 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0.0.1 Mozilla Firefox 2.0

Debian - Debian linux Canonical - Ubuntu linux Mozilla - Thunderbird Mozilla - Seamonkey Mozilla - Firefox

Advisory	Patch	Confirmed	Link
			FEDORA-2008-9667
			https://bugzilla.mozilla.org/show_bug.cgi?id=455987
			ADV-2008-3146
			ADV-2009-0977
			1021183
			TA08-319A
			32281
			RHSA-2008:0978
			RHSA-2008:0977
			RHSA-2008:0976
			MDVSA-2008:235
			http://www.mozilla.org/security/announce/2008/mfsa2008-5...
			MDVSA-2008:230
			DSA-1697
			MDVSA-2008:228
			DSA-1696
			DSA-1671
			DSA-1669
			USN-667-1
			256408
			SUSE-SA:2008:055
			FEDORA-2008-9669

Numeric Errors (ID 189)