Lucene search

MitreCVE-2008-2785

HistoryJun 19, 2008 - 9:41 p.m.

CVE-2008-2785

2008-06-1921:41:00

CWE-189

mitre

web.nvd.nist.gov

cve-2008-2785

mozilla firefox

thunderbird

seamonkey

css

vulnerability

integer data type

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.2

Confidence

High

EPSS

0.452

Percentile

97.4%

JSON

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

Affected configurations

Nvd

Node

mozillafirefoxRange≤2.0.0.15

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillafirefoxMatch2.0.0.14

mozillafirefoxMatch3.0

mozillaseamonkeyRange≤1.1.10

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillathunderbirdRange≤2.0.0.14

mozillathunderbirdMatch0.1

mozillathunderbirdMatch0.2

mozillathunderbirdMatch0.3

mozillathunderbirdMatch0.4

mozillathunderbirdMatch0.5

mozillathunderbirdMatch0.6

mozillathunderbirdMatch0.7

mozillathunderbirdMatch0.8

mozillathunderbirdMatch0.9

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.5

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

mozillathunderbirdMatch1.5.0.10

mozillathunderbirdMatch1.5.0.12

mozillathunderbirdMatch1.5.0.13

mozillathunderbirdMatch1.5.0.14

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.12

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox2.0cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
mozillafirefox2.0.0.1cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
mozillafirefox2.0.0.2cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
mozillafirefox2.0.0.3cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
mozillafirefox2.0.0.4cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
mozillafirefox2.0.0.5cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
mozillafirefox2.0.0.6cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
mozillafirefox2.0.0.7cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
mozillafirefox2.0.0.8cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox	2.0	cpe:2.3:a:mozilla:firefox:2.0:::::::*
mozilla	firefox	2.0.0.1	cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
mozilla	firefox	2.0.0.2	cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
mozilla	firefox	2.0.0.3	cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
mozilla	firefox	2.0.0.4	cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
mozilla	firefox	2.0.0.5	cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
mozilla	firefox	2.0.0.6	cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
mozilla	firefox	2.0.0.7	cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
mozilla	firefox	2.0.0.8	cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*

Rows per page:

1-10 of 751

References

blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation/

dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30

rhn.redhat.com/errata/RHSA-2008-0616.html

secunia.com/advisories/30761

secunia.com/advisories/31121

secunia.com/advisories/31122

secunia.com/advisories/31129

secunia.com/advisories/31144

secunia.com/advisories/31145

secunia.com/advisories/31154

secunia.com/advisories/31157

secunia.com/advisories/31176

secunia.com/advisories/31183

secunia.com/advisories/31195

secunia.com/advisories/31220

secunia.com/advisories/31253

secunia.com/advisories/31261

secunia.com/advisories/31270

secunia.com/advisories/31286

secunia.com/advisories/31306

secunia.com/advisories/31377

secunia.com/advisories/31403

secunia.com/advisories/33433

secunia.com/advisories/34501

security.gentoo.org/glsa/glsa-200808-03.xml

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484

sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

wiki.rpath.com/wiki/Advisories:rPSA-2008-0238

www.debian.org/security/2008/dsa-1614

www.debian.org/security/2008/dsa-1615

www.debian.org/security/2008/dsa-1621

www.debian.org/security/2009/dsa-1697

www.mandriva.com/security/advisories?name=MDVSA-2008:148

www.mandriva.com/security/advisories?name=MDVSA-2008:155

www.mozilla.org/security/announce/2008/mfsa2008-34.html

www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400

www.redhat.com/support/errata/RHSA-2008-0597.html

www.redhat.com/support/errata/RHSA-2008-0598.html

www.redhat.com/support/errata/RHSA-2008-0599.html

www.securityfocus.com/archive/1/494504/100/0/threaded

www.securityfocus.com/archive/1/494860/100/0/threaded

www.securityfocus.com/bid/29802

www.securitytracker.com/id?1020336

www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380767

www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974

www.ubuntu.com/usn/usn-623-1

www.ubuntu.com/usn/usn-626-1

www.ubuntu.com/usn/usn-626-2

www.ubuntu.com/usn/usn-629-1

www.vupen.com/english/advisories/2008/1873

www.vupen.com/english/advisories/2009/0977

www.zerodayinitiative.com/advisories/ZDI-08-044/

bugzilla.mozilla.org/show_bug.cgi?id=440230

exchange.xforce.ibmcloud.com/vulnerabilities/43167

issues.rpath.com/browse/RPL-2683

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9900

www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html

www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00667.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00672.html

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

9.2

Confidence

High

EPSS

0.452

Percentile

97.4%

JSON

Related for CVE-2008-2785