Back to search
CVE-2008-2807
Published: Jul 7, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SA:2008:034
vendor-advisory
x_refsource_SUSE
RHSA-2008:0549
vendor-advisory
x_refsource_REDHAT
DSA-1697
vendor-advisory
x_refsource_DEBIAN
31021
third-party-advisory
x_refsource_SECUNIA
firefox-propertiesfile-info-disclosure(50656)
vdb-entry
x_refsource_XF
30898
third-party-advisory
x_refsource_SECUNIA
31403
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/Advisories:rPSA-2008-0216
x_refsource_CONFIRM
oval:org.mitre.oval:def:9432
vdb-entry
signature
x_refsource_OVAL
https://issues.rpath.com/browse/RPL-2646
x_refsource_CONFIRM
30949
third-party-advisory
x_refsource_SECUNIA
SSA:2008-191-03
vendor-advisory
x_refsource_SLACKWARE
ADV-2009-0977
vdb-entry
x_refsource_VUPEN
31069
third-party-advisory
x_refsource_SECUNIA
31008
third-party-advisory
x_refsource_SECUNIA
31377
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0616
vendor-advisory
x_refsource_REDHAT
ADV-2008-1993
vdb-entry
x_refsource_VUPEN
31023
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:155
vendor-advisory
x_refsource_MANDRIVA
30038
vdb-entry
x_refsource_BID
DSA-1607
vendor-advisory
x_refsource_DEBIAN
GLSA-200808-03
vendor-advisory
x_refsource_GENTOO
31005
third-party-advisory
x_refsource_SECUNIA
33433
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6127
vendor-advisory
x_refsource_FEDORA
1020419
vdb-entry
x_refsource_SECTRACK
31253
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6737
vendor-advisory
x_refsource_FEDORA
31183
third-party-advisory
x_refsource_SECUNIA
30903
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0547
vendor-advisory
x_refsource_REDHAT
FEDORA-2008-6193
vendor-advisory
x_refsource_FEDORA
https://bugzilla.mozilla.org/show_bug.cgi?id=397093
x_refsource_CONFIRM
USN-629-1
vendor-advisory
x_refsource_UBUNTU
256408
vendor-advisory
x_refsource_SUNALERT
SSA:2008-191
vendor-advisory
x_refsource_SLACKWARE
SSA:2008-210-05
vendor-advisory
x_refsource_SLACKWARE
DSA-1615
vendor-advisory
x_refsource_DEBIAN
FEDORA-2008-6706
vendor-advisory
x_refsource_FEDORA
31220
third-party-advisory
x_refsource_SECUNIA
31195
third-party-advisory
x_refsource_SECUNIA
http://www.mozilla.org/security/announce/2008/mfsa2008-29.html
x_refsource_CONFIRM
31076
third-party-advisory
x_refsource_SECUNIA
USN-619-1
vendor-advisory
x_refsource_UBUNTU
30911
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:0569
vendor-advisory
x_refsource_REDHAT
30878
third-party-advisory
x_refsource_SECUNIA
DSA-1621
vendor-advisory
x_refsource_DEBIAN
20080708 rPSA-2008-0216-1 firefox
mailing-list
x_refsource_BUGTRAQ
31286
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-6196
vendor-advisory
x_refsource_FEDORA
34501
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:136
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now