Lucene search

RedhatCVE-2008-2798

HistoryJul 07, 2008 - 11:41 p.m.

CVE-2008-2798

2008-07-0723:41:00

CWE-399

redhat

web.nvd.nist.gov

cve-2008-2798

mozilla firefox

thunderbird

seamonkey

denial of service

arbitrary code

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.669

Percentile

98.0%

JSON

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.

Affected configurations

Nvd

Node

mozillafirefoxRange≤2.0.0.14

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillaseamonkeyRange≤1.1.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillathunderbirdRange≤2.0.0.14

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.1

mozillathunderbirdMatch2.0.0.2

mozillathunderbirdMatch2.0.0.3

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.8

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.11

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.13

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox2.0cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
mozillafirefox2.0.0.1cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
mozillafirefox2.0.0.2cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
mozillafirefox2.0.0.3cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
mozillafirefox2.0.0.4cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
mozillafirefox2.0.0.5cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
mozillafirefox2.0.0.6cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
mozillafirefox2.0.0.7cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
mozillafirefox2.0.0.8cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox	2.0	cpe:2.3:a:mozilla:firefox:2.0:::::::*
mozilla	firefox	2.0.0.1	cpe:2.3:a:mozilla:firefox:2.0.0.1:::::::*
mozilla	firefox	2.0.0.2	cpe:2.3:a:mozilla:firefox:2.0.0.2:::::::*
mozilla	firefox	2.0.0.3	cpe:2.3:a:mozilla:firefox:2.0.0.3:::::::*
mozilla	firefox	2.0.0.4	cpe:2.3:a:mozilla:firefox:2.0.0.4:::::::*
mozilla	firefox	2.0.0.5	cpe:2.3:a:mozilla:firefox:2.0.0.5:::::::*
mozilla	firefox	2.0.0.6	cpe:2.3:a:mozilla:firefox:2.0.0.6:::::::*
mozilla	firefox	2.0.0.7	cpe:2.3:a:mozilla:firefox:2.0.0.7:::::::*
mozilla	firefox	2.0.0.8	cpe:2.3:a:mozilla:firefox:2.0.0.8:::::::*

Rows per page:

1-10 of 371

References

lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html

rhn.redhat.com/errata/RHSA-2008-0616.html

secunia.com/advisories/30878

secunia.com/advisories/30898

secunia.com/advisories/30903

secunia.com/advisories/30911

secunia.com/advisories/30915

secunia.com/advisories/30949

secunia.com/advisories/31005

secunia.com/advisories/31008

secunia.com/advisories/31021

secunia.com/advisories/31023

secunia.com/advisories/31069

secunia.com/advisories/31076

secunia.com/advisories/31183

secunia.com/advisories/31195

secunia.com/advisories/31220

secunia.com/advisories/31253

secunia.com/advisories/31286

secunia.com/advisories/31377

secunia.com/advisories/31403

secunia.com/advisories/33433

security.gentoo.org/glsa/glsa-200808-03.xml

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484

wiki.rpath.com/Advisories:rPSA-2008-0216

www.debian.org/security/2008/dsa-1607

www.debian.org/security/2008/dsa-1615

www.debian.org/security/2008/dsa-1621

www.debian.org/security/2009/dsa-1697

www.mandriva.com/security/advisories?name=MDVSA-2008:136

www.mandriva.com/security/advisories?name=MDVSA-2008:155

www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.15

www.mozilla.org/security/announce/2008/mfsa2008-21.html

www.redhat.com/support/errata/RHSA-2008-0547.html

www.redhat.com/support/errata/RHSA-2008-0549.html

www.redhat.com/support/errata/RHSA-2008-0569.html

www.securityfocus.com/archive/1/494080/100/0/threaded

www.securityfocus.com/bid/30038

www.securitytracker.com/id?1020419

www.ubuntu.com/usn/usn-619-1

www.ubuntu.com/usn/usn-629-1

www.vupen.com/english/advisories/2008/1993/references

bugzilla.mozilla.org/show_bug.cgi?id=378027

bugzilla.mozilla.org/show_bug.cgi?id=391178

bugzilla.mozilla.org/show_bug.cgi?id=430814

issues.rpath.com/browse/RPL-2646

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10087

www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html

www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.669

Percentile

98.0%

JSON

Related for CVE-2008-2798