CVE-2008-5500

Loading...

General

Score:10.0/10.0
Severity:High
Category:Resource Management Error
Exploit:Available

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2008-5501, CVE-2008-5502, CVE-2008-5503, CVE-2008-5505, CVE-2008-5506, CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511, CVE-2008-5512, CVE-2008-5513

Published on 18/12/08 - Updated on 08/11/18

Description

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2008-5500
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2008-AVI-606
CentOS CESA-2008:1036, CESA-2009:0002
Mozilla MFSA2008-60
Redhat RHSA-2008:1036, RHSA-2009:0002

Exploits

SecurityFocusBID-32882

Relative technologies

VendorProduct
canonicalubuntu_linux
debiandebian_linux
mozillafirefox
mozillaseamonkey
mozillathunderbird

Share this vulnerability with:

Twitter Facebook LinkedIn Mail