QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-5013

Back to search

CVE-2008-5013

Published: Nov 13, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address.

VendorProductVersions

n/a

n/a

affected
n/a

References

ADV-2008-3146
vdb-entry
x_refsource_VUPEN
DSA-1697
vendor-advisory
x_refsource_DEBIAN
DSA-1671
vendor-advisory
x_refsource_DEBIAN
32281
vdb-entry
x_refsource_BID
FEDORA-2008-9667
vendor-advisory
x_refsource_FEDORA
RHSA-2008:0977
vendor-advisory
x_refsource_REDHAT
ADV-2009-0977
vdb-entry
x_refsource_VUPEN
DSA-1669
vendor-advisory
x_refsource_DEBIAN
32778
third-party-advisory
x_refsource_SECUNIA
33433
third-party-advisory
x_refsource_SECUNIA
256408
vendor-advisory
x_refsource_SUNALERT
SUSE-SA:2008:055
vendor-advisory
x_refsource_SUSE
32694
third-party-advisory
x_refsource_SECUNIA
TA08-319A
third-party-advisory
x_refsource_CERT
32853
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9660
vdb-entry
signature
x_refsource_OVAL
32693
third-party-advisory
x_refsource_SECUNIA
1021181
vdb-entry
x_refsource_SECTRACK
MDVSA-2008:228
vendor-advisory
x_refsource_MANDRIVA
32845
third-party-advisory
x_refsource_SECUNIA
32684
third-party-advisory
x_refsource_SECUNIA
USN-667-1
vendor-advisory
x_refsource_UBUNTU
32714
third-party-advisory
x_refsource_SECUNIA
34501
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now