CVSS: 9.3EPSS: 45%CPEs: 75EXPL: 0CVE-2008-2785 – Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349. Firefox anterior a versión 2.0.0.16 y versiones 3.x anteriores a 3.0.1, Thunderbird anterior a versión 2.0.0.16, y SeaMonkey anterior a versión 1.1.11, de Mozilla, utilizan un tipo de datos enteros incorrecto como contador de referencia de objeto CSS en la estructura de datos cssValue (también se conoce como nsCSSValue:Array), que permite a los atacantes remotos ejecutar código arbitrario por medio de un gran número de referencias a un objeto CSS común, conllevando a un desbordamiento de contador y una liberación de memoria en uso, también se conoce como ZDI-CAN-349. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browser's handling reference counters to the nsCSSValue:Array class. Creating more then 65,535 references will overflow a 16-bit reference counter and therefore result in an erroneous free() while the object still exists. • http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 http://rhn.redhat.com/errata/RHSA-2008-0616.html http://secunia.com/advisories/30761 http://secunia.com/advisories/31121 http://secunia.com/advisories/31122 http://secunia.com/advisories/31129 http://secunia.com/advisories/31144 http://secunia.com/advisories/31145 http://secunia.com/advisories/31154 http://secuni • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 6%CPEs: 49EXPL: 0CVE-2008-1380 – Firefox JavaScript garbage collection crash
https://notcve.org/view.php?id=CVE-2008-1380
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237. El motor JavaScript de Mozilla Firefox versiones anteriores a 2.0.0.14, Thunderbird versiones anteriores a 2.0.0.14, y SeaMonkey versiones anteriores a 1.1.10 permite a atacantes remotos provocar una denegación de servicio (caída del colector de basura) y posiblemente tener otros impactos mediante un página web manipulada. NOTA: esto es debido a un parche incorrecto para el CVE-2008-1237. • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://secunia.com/advisories/29787 http://secunia.com/advisories/29793 http://secunia.com/advisories/29828 http://secunia.com/advisories/29860 http://secunia.com/advisories/29883 http://secunia.com/advisories/29908 http://secunia.com/advisories/29911 http://secunia.com/advisories/29912 http://secunia.com/advisories/29947 http://secunia.com/advisories/30012 http://secunia.com/advisories/30029 http:// • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 46%CPEs: 3EXPL: 0CVE-2008-1236 – browser engine crashes
https://notcve.org/view.php?id=CVE-2008-1236
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine. Múltiples vulnerabilidades no especificadas en Mozilla Firefox versiones anteriores a 2.0.0.13, Thunderbird versiones anteriores a 2.0.0.13, y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de vectores desconocidos en relación al motor de diseño. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29548 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/2 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 45%CPEs: 3EXPL: 0CVE-2008-1233 – Mozilla products XPCNativeWrapper pollution
https://notcve.org/view.php?id=CVE-2008-1233
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution." Vulnerabilidad no especificada en Mozilla Firefox versiones anteriores a 2.0.0.13, Thunderbird versiones anteriores a 2.0.0.13, y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos ejecutar código de su elección a través de "XPCNativeWrapper pollution." • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29548 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1234 – universal XSS using event handlers
https://notcve.org/view.php?id=CVE-2008-1234
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event handlers." Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Mozilla Firefox versiones anteriores a 2.0.0.13, Thunderbird versiones anteriores a 2.0.0.13, y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos inyectar web script o HTML de su elección a través de gestores de eventos, también conocido como "Universal XSS using event handlers." • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html http://rhn.redhat.com/errata/RHSA-2008-0208.html http://secunia.com/advisories/29391 http://secunia.com/advisories/29526 http://secunia.com/advisories/29539 http://secunia.com/advisories/29541 http://secunia.com/advisories/29547 http://secunia.com/advisories/29548 http://secunia.com/advisories/29550 http://secunia.com/advisories/29558 http://secunia.com/advisories/29560 http://secunia.com/advisories/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •