Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2008-5021

Опубликовано: 13 нояб. 2008
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 9.3

Описание

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

РелизСтатусПримечание
dapper

released

1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1
devel

DNE

gutsy

released

2.0.0.18+nobinonly-0ubuntu0.7.10
hardy

released

2.0.0.18+nobinonly-0ubuntu0.8.04.1
intrepid

DNE

upstream

released

2.0.0.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

3.0.4+nobinonly-0ubuntu2
gutsy

ignored

end of life, was needed
hardy

released

3.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

3.0.4+nobinonly-0ubuntu0.8.10.1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

ignored

end of life, was needed
hardy

DNE

intrepid

DNE

upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1
devel

DNE

gutsy

DNE

hardy

DNE

intrepid

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.1.13+nobinonly-0ubuntu1
gutsy

DNE

hardy

released

1.1.15+nobinonly-0ubuntu0.8.04.2
intrepid

released

1.1.15+nobinonly-0ubuntu0.8.10.2
upstream

released

1.1.13

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

2.0.0.18+nobinonly-0ubuntu1
gutsy

released

2.0.0.18+nobinonly-0ubuntu0.7.10.1
hardy

released

2.0.0.18+nobinonly-0ubuntu0.8.04.1
intrepid

released

2.0.0.18+nobinonly-0ubuntu0.8.10.1
upstream

released

2.0.0.18

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.8.1.16+nobinonly-0ubuntu1
gutsy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1
hardy

released

1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1
intrepid

released

1.8.1.16+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.0.4+nobinonly-0ubuntu1
gutsy

ignored

end of life, was needed
hardy

released

1.9.0.4+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.4+nobinonly-0ubuntu0.8.10.1
upstream

released

1.9.0.4

Показывать по

Ссылки на источники

EPSS

Процентиль: 94%
0.16195
Средний

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2008-5021

redhat
больше 16 лет назад

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

nvd логотип

CVE-2008-5021

nvd
больше 16 лет назад

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

debian логотип

CVE-2008-5021

debian
больше 16 лет назад

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.1 ...

github логотип

GHSA-7qf3-8pfp-6qg9

github
около 3 лет назад

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

oracle-oval логотип

ELSA-2008-0978

oracle-oval
больше 16 лет назад

ELSA-2008-0978: firefox security update (CRITICAL)

EPSS

Процентиль: 94%
0.16195
Средний

9.3 Critical

CVSS2

Уязвимость CVE-2008-5021