CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
90.7%
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and
3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12
allow remote attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via vectors related
to the JavaScript engine and (1) misinterpretation of the characteristics
of Namespace and QName in jsxml.c, (2) misuse of signed integers in the
nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript
garbage collection with certain use of an NPObject in the
nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614e-0ubuntu3 | UNKNOWN |
ubuntu | 7.04 | noarch | firefox | < 2.0.0.17+0nobinonly-0ubuntu0.7.4 | UNKNOWN |
ubuntu | 7.10 | noarch | firefox | < 2.0.0.17+1nobinonly-0ubuntu0.7.10 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox | < 2.0.0.17+1nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 10.10 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 9.04 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu1 | UNKNOWN |