Lucene search

RedhatCVE-2008-5016

HistoryNov 13, 2008 - 11:30 a.m.

CVE-2008-5016

2008-11-1311:30:01

CWE-399

redhat

web.nvd.nist.gov

cve-2008-5016

mozilla firefox

thunderbird

seamonkey

denial of service

remote attack

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

9.3

Confidence

High

EPSS

0.75

Percentile

98.2%

JSON

The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.

Affected configurations

Nvd

Node

mozillafirefoxRange≤3.0.3

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0alpha

mozillafirefoxMatch3.0beta2

mozillafirefoxMatch3.0beta5

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillaseamonkeyRange≤1.1.12

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillathunderbirdRange≤2.0.0.17

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.14

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox3.0cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
mozillafirefox3.0cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
mozillafirefox3.0cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
mozillafirefox3.0cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
mozillafirefox3.0.1cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
mozillafirefox3.0.2cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillaseamonkey1.0cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
mozillaseamonkey1.0cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox	3.0	cpe:2.3:a:mozilla:firefox:3.0:::::::*
mozilla	firefox	3.0	cpe:2.3:a:mozilla:firefox:3.0:alpha::::::
mozilla	firefox	3.0	cpe:2.3:a:mozilla:firefox:3.0:beta2::::::
mozilla	firefox	3.0	cpe:2.3:a:mozilla:firefox:3.0:beta5::::::
mozilla	firefox	3.0.1	cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
mozilla	firefox	3.0.2	cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::
mozilla	seamonkey	1.0	cpe:2.3:a:mozilla:seamonkey:1.0:::::::*
mozilla	seamonkey	1.0	cpe:2.3:a:mozilla:seamonkey:1.0:alpha::::::