Описание
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614h-0ubuntu1 |
| devel | DNE | |
| gutsy | released | 2.0.0.18+nobinonly-0ubuntu0.7.10 |
| hardy | released | 2.0.0.18+nobinonly-0ubuntu0.8.04.1 |
| intrepid | DNE | |
| upstream | released | 2.0.0.18 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0.4+nobinonly-0ubuntu2 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.4+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.4+nobinonly-0ubuntu0.8.10.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life, was needed |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | released | 1.1.13 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.0.13+1.5.0.15~prepatch080614h-0ubuntu0.6.06.1 |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.13+nobinonly-0ubuntu1 |
| gutsy | DNE | |
| hardy | released | 1.1.15+nobinonly-0ubuntu0.8.04.2 |
| intrepid | released | 1.1.15+nobinonly-0ubuntu0.8.10.2 |
| upstream | released | 1.1.13 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.0.18+nobinonly-0ubuntu1 |
| gutsy | released | 2.0.0.18+nobinonly-0ubuntu0.7.10.1 |
| hardy | released | 2.0.0.18+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 2.0.0.18+nobinonly-0ubuntu0.8.10.1 |
| upstream | released | 2.0.0.18 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.8.1.16+nobinonly-0ubuntu1 |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.8.04.1 |
| intrepid | released | 1.8.1.16+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.0.4+nobinonly-0ubuntu1 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.4+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.4+nobinonly-0ubuntu0.8.10.1 |
| upstream | released | 1.9.0.4 |
Показывать по
Ссылки на источники
EPSS
10 Critical
CVSS2
Связанные уязвимости
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.
The AppendAttributeValue function in the JavaScript engine in Mozilla ...
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger memory corruption, as demonstrated by e4x/extensions/regress-410192.js.
EPSS
10 Critical
CVSS2