Back to search
CVE-2008-5502
Published: Dec 17, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEntity and FastAppendChar functions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
32882
vdb-entry
x_refsource_BID
33421
third-party-advisory
x_refsource_SECUNIA
RHSA-2008:1036
vendor-advisory
x_refsource_REDHAT
ADV-2009-0977
vdb-entry
x_refsource_VUPEN
https://bugzilla.mozilla.org/show_bug.cgi?id=458679
x_refsource_MISC
MDVSA-2008:245
vendor-advisory
x_refsource_MANDRIVA
USN-690-1
vendor-advisory
x_refsource_UBUNTU
33203
third-party-advisory
x_refsource_SECUNIA
firefox-js-deflatestring-code-execution(47408)
vdb-entry
x_refsource_XF
33216
third-party-advisory
x_refsource_SECUNIA
256408
vendor-advisory
x_refsource_SUNALERT
RHSA-2008:1037
vendor-advisory
x_refsource_REDHAT
http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
x_refsource_CONFIRM
RHSA-2009:0002
vendor-advisory
x_refsource_REDHAT
33188
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10001
vdb-entry
signature
x_refsource_OVAL
1021417
vdb-entry
x_refsource_SECTRACK
33189
third-party-advisory
x_refsource_SECUNIA
34501
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now