Back to search
CVE-2008-2785
Published: Jun 19, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31154
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9900
vdb-entry
signature
x_refsource_OVAL
DSA-1697
vendor-advisory
x_refsource_DEBIAN
RHSA-2008:0597
vendor-advisory
x_refsource_REDHAT
31403
third-party-advisory
x_refsource_SECUNIA
31270
third-party-advisory
x_refsource_SECUNIA
SSA:2008-198-02
vendor-advisory
x_refsource_SLACKWARE
http://www.zerodayinitiative.com/advisories/ZDI-08-044/
x_refsource_MISC
31121
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6517
vendor-advisory
x_refsource_FEDORA
https://bugzilla.mozilla.org/show_bug.cgi?id=440230
x_refsource_CONFIRM
ADV-2009-0977
vdb-entry
x_refsource_VUPEN
31145
third-party-advisory
x_refsource_SECUNIA
31122
third-party-advisory
x_refsource_SECUNIA
31377
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0616
vendor-advisory
x_refsource_REDHAT
29802
vdb-entry
x_refsource_BID
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238
x_refsource_CONFIRM
MDVSA-2008:155
vendor-advisory
x_refsource_MANDRIVA
GLSA-200808-03
vendor-advisory
x_refsource_GENTOO
20080729 rPSA-2008-0238-1 firefox
mailing-list
x_refsource_BUGTRAQ
USN-626-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2008:0598
vendor-advisory
x_refsource_REDHAT
31157
third-party-advisory
x_refsource_SECUNIA
33433
third-party-advisory
x_refsource_SECUNIA
DSA-1614
vendor-advisory
x_refsource_DEBIAN
31253
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6737
vendor-advisory
x_refsource_FEDORA
31183
third-party-advisory
x_refsource_SECUNIA
USN-629-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2008:0599
vendor-advisory
x_refsource_REDHAT
256408
vendor-advisory
x_refsource_SUNALERT
https://issues.rpath.com/browse/RPL-2683
x_refsource_CONFIRM
31261
third-party-advisory
x_refsource_SECUNIA
31144
third-party-advisory
x_refsource_SECUNIA
30761
third-party-advisory
x_refsource_SECUNIA
SSA:2008-210-05
vendor-advisory
x_refsource_SLACKWARE
USN-623-1
vendor-advisory
x_refsource_UBUNTU
SSA:2008-198-01
vendor-advisory
x_refsource_SLACKWARE
DSA-1615
vendor-advisory
x_refsource_DEBIAN
31176
third-party-advisory
x_refsource_SECUNIA
20080717 ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
mailing-list
x_refsource_BUGTRAQ
FEDORA-2008-6706
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-6519
vendor-advisory
x_refsource_FEDORA
31220
third-party-advisory
x_refsource_SECUNIA
31195
third-party-advisory
x_refsource_SECUNIA
31129
third-party-advisory
x_refsource_SECUNIA
1020336
vdb-entry
x_refsource_SECTRACK
firefox-unspecified-code-execution(43167)
vdb-entry
x_refsource_XF
USN-626-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2008:148
vendor-advisory
x_refsource_MANDRIVA
DSA-1621
vendor-advisory
x_refsource_DEBIAN
http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
x_refsource_CONFIRM
31306
third-party-advisory
x_refsource_SECUNIA
31286
third-party-advisory
x_refsource_SECUNIA
34501
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1873
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now