// For flags

CVE-2008-1236

browser engine crashes

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.

Múltiples vulnerabilidades no especificadas en Mozilla Firefox versiones anteriores a 2.0.0.13, Thunderbird versiones anteriores a 2.0.0.13, y SeaMonkey versiones anteriores a 1.1.9 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de vectores desconocidos en relación al motor de diseño.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-03-10 CVE Reserved
  • 2008-03-27 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
References (52)
URL Tag Source
http://secunia.com/advisories/29391 Third Party Advisory
http://secunia.com/advisories/29526 Third Party Advisory
http://secunia.com/advisories/29539 Third Party Advisory
http://secunia.com/advisories/29541 Third Party Advisory
http://secunia.com/advisories/29547 Third Party Advisory
http://secunia.com/advisories/29548 Third Party Advisory
http://secunia.com/advisories/29550 Third Party Advisory
http://secunia.com/advisories/29558 Third Party Advisory
http://secunia.com/advisories/29560 Third Party Advisory
http://secunia.com/advisories/29607 Third Party Advisory
http://secunia.com/advisories/29616 Third Party Advisory
http://secunia.com/advisories/29645 Third Party Advisory
http://secunia.com/advisories/30016 Third Party Advisory
http://secunia.com/advisories/30094 Third Party Advisory
http://secunia.com/advisories/30105 Third Party Advisory
http://secunia.com/advisories/30192 Third Party Advisory
http://secunia.com/advisories/30327 Third Party Advisory
http://secunia.com/advisories/30370 Third Party Advisory
http://secunia.com/advisories/30620 Third Party Advisory
http://secunia.com/advisories/31043 Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128 X_refsource_confirm
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html X_refsource_confirm
http://www.securityfocus.com/archive/1/490196/100/0/threaded Mailing List
http://www.securityfocus.com/bid/28448 Vdb Entry
http://www.securitytracker.com/id?1019695 Vdb Entry
http://www.us-cert.gov/cas/techalerts/TA08-087A.html Third Party Advisory
http://www.vupen.com/english/advisories/2008/0998/references Vdb Entry
http://www.vupen.com/english/advisories/2008/0999/references Vdb Entry
http://www.vupen.com/english/advisories/2008/1793/references Vdb Entry
http://www.vupen.com/english/advisories/2008/2091/references Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41445 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11788 Signature
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html 2018-10-11
http://rhn.redhat.com/errata/RHSA-2008-0208.html 2018-10-11
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1 2018-10-11
http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1 2018-10-11
http://www.debian.org/security/2008/dsa-1532 2018-10-11
http://www.debian.org/security/2008/dsa-1534 2018-10-11
http://www.debian.org/security/2008/dsa-1535 2018-10-11
http://www.debian.org/security/2008/dsa-1574 2018-10-11
http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2008:080 2018-10-11
http://www.mandriva.com/security/advisories?name=MDVSA-2008:155 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0207.html 2018-10-11
http://www.redhat.com/support/errata/RHSA-2008-0209.html 2018-10-11
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313 2018-10-11
http://www.ubuntu.com/usn/usn-592-1 2018-10-11
http://www.ubuntu.com/usn/usn-605-1 2018-10-11
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html 2018-10-11
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html 2018-10-11
https://access.redhat.com/security/cve/CVE-2008-1236 2008-04-03
https://bugzilla.redhat.com/show_bug.cgi?id=438718 2008-04-03
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Mozilla
Search vendor "Mozilla"
 Firefox
Search vendor "Mozilla" for product "Firefox"
 <= 2.0.0.12
Search vendor "Mozilla" for product "Firefox" and version " <= 2.0.0.12"
-
Affected
Mozilla
Search vendor "Mozilla"
 Seamonkey
Search vendor "Mozilla" for product "Seamonkey"
 <= 1.1.8
Search vendor "Mozilla" for product "Seamonkey" and version " <= 1.1.8"
-
Affected
Mozilla
Search vendor "Mozilla"
 Thunderbird
Search vendor "Mozilla" for product "Thunderbird"
 <= 2.0.0.12
Search vendor "Mozilla" for product "Thunderbird" and version " <= 2.0.0.12"
-
Affected