Описание
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614e-0ubuntu3 |
| devel | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| feisty | released | 2.0.0.17+0nobinonly-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.17+1nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.17+1nobinonly-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| maverick | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.3+build1+nobinonly-0ubuntu1 |
| jaunty | released | 3.0.3+build1+nobinonly-0ubuntu1 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.1 |
| devel | DNE | |
| feisty | released | 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.1 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.12+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.12+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.1.12+nobinonly-0ubuntu1 |
| jaunty | released | 1.1.12+nobinonly-0ubuntu1 |
| karmic | released | 1.1.12+nobinonly-0ubuntu1 |
| lucid | released | 1.1.12+nobinonly-0ubuntu1 |
| maverick | released | 1.1.12+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.0.17+nobinonly-0ubuntu1 |
| feisty | DNE | |
| gutsy | released | 2.0.0.17+nobinonly-0ubuntu0.7.10.1 |
| hardy | released | 2.0.0.17+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 2.0.0.17+nobinonly-0ubuntu1 |
| jaunty | released | 2.0.0.17+nobinonly-0ubuntu1 |
| karmic | released | 2.0.0.17+nobinonly-0ubuntu1 |
| lucid | released | 2.0.0.17+nobinonly-0ubuntu1 |
| maverick | released | 2.0.0.17+nobinonly-0ubuntu1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.10.1 |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | DNE | |
| maverick | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.3+build1+nobinonly-0ubuntu2 |
| jaunty | released | 1.9.0.3+build1+nobinonly-0ubuntu2 |
| karmic | DNE | |
| lucid | DNE | |
| maverick | DNE |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
Integer overflow in the MathML component in Mozilla Firefox before 2.0 ...
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine.
EPSS
10 Critical
CVSS2