Описание
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-5018
- https://bugzilla.mozilla.org/show_bug.cgi?id=452786
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9872
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
- http://secunia.com/advisories/32684
- http://secunia.com/advisories/32693
- http://secunia.com/advisories/32694
- http://secunia.com/advisories/32695
- http://secunia.com/advisories/32713
- http://secunia.com/advisories/32714
- http://secunia.com/advisories/32715
- http://secunia.com/advisories/32721
- http://secunia.com/advisories/32778
- http://secunia.com/advisories/32798
- http://secunia.com/advisories/32845
- http://secunia.com/advisories/32853
- http://secunia.com/advisories/33434
- http://secunia.com/advisories/34501
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
- http://ubuntu.com/usn/usn-667-1
- http://www.debian.org/security/2008/dsa-1669
- http://www.debian.org/security/2008/dsa-1671
- http://www.debian.org/security/2009/dsa-1696
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:235
- http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
- http://www.redhat.com/support/errata/RHSA-2008-0976.html
- http://www.redhat.com/support/errata/RHSA-2008-0977.html
- http://www.redhat.com/support/errata/RHSA-2008-0978.html
- http://www.securityfocus.com/bid/32281
- http://www.securitytracker.com/id?1021183
- http://www.us-cert.gov/cas/techalerts/TA08-319A.html
- http://www.vupen.com/english/advisories/2008/3146
- http://www.vupen.com/english/advisories/2009/0977
EPSS
CVE ID
Связанные уязвимости
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient class checking" in the Date class.
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x ...
EPSS