Lucene search
AnonymousZDI-08-044HistoryJul 17, 2008 - 12:00 a.m.
Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
2008-07-1700:00:00
Anonymous
www.zerodayinitiative.com
29
EPSS
0.452
Percentile
97.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browserโs handling reference counters to the nsCSSValue:Array class. Creating more then 65,535 references will overflow a 16-bit reference counter and therefore result in an erroneous free() while the object still exists. Properly manipulated this can result in arbitrary code execution under the context of the current user.
Related
prion
prion
Buffer overflow
2008-06-19 21:41:00
Buffer overflow
2008-06-19 21:41:00
nessus
nessus
SeaMonkey < 1.1.11 CSSValue Array Memory Corruption
2008-07-16 00:00:00
Slackware 11.0 / 12.0 / 12.1 / current : seamonkey (SSA:2008-198-02)
2008-07-18 00:00:00
Fedora 8 : seamonkey-1.1.11-1.fc8 (2008-6517)
2008-07-18 00:00:00
oraclelinux
oraclelinux
seamonkey security update
2008-07-16 00:00:00
firefox security update
2008-07-16 00:00:00
firefox security update
2008-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: seamonkey-1.1.11-1.fc8
2008-07-18 08:06:21
[SECURITY] Fedora 9 Update: seamonkey-1.1.11-1.fc9
2008-07-18 08:07:40
[SECURITY] Fedora 8 Update: firefox-2.0.0.16-1.fc8
2008-07-18 08:07:34
openvas
openvas
CentOS Update for seamonkey CESA-2008:0599 centos3 i386
2009-02-27 00:00:00
Fedora Update for seamonkey FEDORA-2008-6519
2009-02-17 00:00:00
Slackware: Security Advisory (SSA:2008-198-02)
2012-09-10 00:00:00
nvd
nvd
CVE-2008-2785
2008-06-19 21:41:00
CVE-2008-2786
2008-06-19 21:41:00
cvelist
cvelist
CVE-2008-2785
2008-06-19 21:00:00
CVE-2008-2786
2008-06-19 21:00:00
centos
centos
devhelp, seamonkey security update
2008-07-16 19:11:33
seamonkey security update
2008-07-18 05:08:12
firefox security update
2008-07-17 02:50:07
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:23:55
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-34
2008-07-18 00:00:00
ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
2008-07-18 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2008-07-18 00:00:00
cve
cve
CVE-2008-2785
2008-06-19 21:41:00
CVE-2008-2786
2008-06-19 21:41:00
checkpoint_advisories
checkpoint_advisories
Mozilla Multiple Products CSSValue Array Memory Corruption (CVE-2008-2785)
2010-06-03 00:00:00
ubuntucve
ubuntucve
CVE-2008-2785
2008-06-19 00:00:00
CVE-2008-2786
2008-06-19 00:00:00
seebug
seebug
Firefox CSSValueๆฐ็ปๆฐๆฎ็ปๆ่ฟ็จไปฃ็ ๆง่กๆผๆด
2008-07-17 00:00:00
redhat
redhat
(RHSA-2008:0599) Critical: seamonkey security update
2008-07-16 00:00:00
(RHSA-2008:0598) Critical: firefox security update
2008-07-16 00:00:00
(RHSA-2008:0597) Critical: firefox security update
2008-07-16 00:00:00
mozilla
mozilla
Remote code execution by overflowing CSS reference counter โ Mozilla
2008-07-15 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2008-07-17 00:00:00
Devhelp, Epiphany, Midbrowser and Yelp update
2008-08-04 00:00:00
Firefox and xulrunner vulnerabilities
2008-07-28 00:00:00
debian
debian
[SECURITY] [DSA 1614-1] New iceweasel packages fix several vulnerabilities
2008-07-23 20:07:11
[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities
2008-07-27 21:38:47
osv
osv
iceweasel - several vulnerabilities
2008-07-23 00:00:00
icedove - several vulnerabilities
2008-07-27 00:00:00
xulrunner - several vulnerabilities
2008-07-23 00:00:00