CVSS: 9.3EPSS: 45%CPEs: 75EXPL: 0CVE-2008-2785 – Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349. Firefox anterior a versión 2.0.0.16 y versiones 3.x anteriores a 3.0.1, Thunderbird anterior a versión 2.0.0.16, y SeaMonkey anterior a versión 1.1.11, de Mozilla, utilizan un tipo de datos enteros incorrecto como contador de referencia de objeto CSS en la estructura de datos cssValue (también se conoce como nsCSSValue:Array), que permite a los atacantes remotos ejecutar código arbitrario por medio de un gran número de referencias a un objeto CSS común, conllevando a un desbordamiento de contador y una liberación de memoria en uso, también se conoce como ZDI-CAN-349. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browser's handling reference counters to the nsCSSValue:Array class. Creating more then 65,535 references will overflow a 16-bit reference counter and therefore result in an erroneous free() while the object still exists. • http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 http://rhn.redhat.com/errata/RHSA-2008-0616.html http://secunia.com/advisories/30761 http://secunia.com/advisories/31121 http://secunia.com/advisories/31122 http://secunia.com/advisories/31129 http://secunia.com/advisories/31144 http://secunia.com/advisories/31145 http://secunia.com/advisories/31154 http://secuni • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 6%CPEs: 49EXPL: 0CVE-2008-1380 – Firefox JavaScript garbage collection crash
https://notcve.org/view.php?id=CVE-2008-1380
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. El motor JavaScript de Mozilla Firefox versiones anteriores a 2.0.0.14, Thunderbird versiones anteriores a 2.0.0.14, y SeaMonkey versiones anteriores a 1.1.10 permite a atacantes remotos provocar una denegación de servicio (caída del colector de basura) y posiblemente tener otros impactos mediante un página web manipulada. NOTA: esto es debido a un parche incorrecto para el CVE-2008-1237. • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://secunia.com/advisories/29787 http://secunia.com/advisories/29793 http://secunia.com/advisories/29828 http://secunia.com/advisories/29860 http://secunia.com/advisories/29883 http://secunia.com/advisories/29908 http://secunia.com/advisories/29911 http://secunia.com/advisories/29912 http://secunia.com/advisories/29947 http://secunia.com/advisories/30012 http://secunia.com/advisories/30029 http:// • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 46%CPEs: 3EXPL: 0CVE-2008-1236 – browser engine crashes
https://notcve.org/view.php?id=CVE-2008-1236
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. Múltiples vulnerabilidades no especificadas en Mozilla Firefox versiones anteriores a 2.0.0.13, Thunderbird versiones anteriores a 2.0.0.13, y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de vectores desconocidos en relación al motor de diseño. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29548 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/2 • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1241 – XUL popup spoofing
https://notcve.org/view.php?id=CVE-2008-1241
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. Vulnerabilidad GUI overlay Mozilla Firefox versiones anteriores a 2.0.0.13 y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos falsificar los elementos form y redireccionar entradas de los usuarios a través de una ventana emergente borderless XUL de un tab de fondo. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/29607 http://secunia.com/advisories/2 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2008-1238 – Referrer spoofing bug
https://notcve.org/view.php?id=CVE-2008-1238
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms. Mozilla Firefox versiones anteriores a 2.0.0.13 y SeaMonkey versiones anteriores a 1.1.9, cuando generan las cabeceras HTTP Referer, no listan la URL entera cuando contienen credenciales de autenticación básicas sin un nombre de usuario, lo cual hace más fácil a atacantes remotos evitar los mecanismos de protección de aplicaciones que dependen de la cabecera Referer, como con algunos mecanismos de falsificación de petición en sitios cruzados (CSRF). • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/29607 http://secunia.com/advisories/2 • CWE-287: Improper Authentication •