what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2008-0413

Status Candidate

Overview

The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.

Related Files

Gentoo Linux Security Advisory 200805-18
Posted May 20, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200805-18 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.14 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-4879, CVE-2008-0304, CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235
SHA-256 | 0be1f28cc28c33f9527f262fab77a030b56ac3b42790cbcd8cb8957fadd87d38
Debian Linux Security Advisory 1506-2
Posted Mar 20, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1506-2 - A regression has been fixed in iceape's frame handling code. Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | bc917c9a074c717bec02c4b74ae7fc0455b931a2e434ad745ae25f609e5fd350
Debian Linux Security Advisory 1485-2
Posted Mar 17, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1485-2 - A regression has been fixed in icedove's frame handling code. Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | a6d426ec079f7f75028eaf841b1e52475921b8783d245d90205ba780078153d0
Ubuntu Security Notice 582-2
Posted Mar 12, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 582-2 - USN-582-1 fixed several vulnerabilities in Thunderbird. The upstream fixes were incomplete, and after performing certain actions Thunderbird would crash due to memory errors. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-0420, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0304, CVE-2008-0418
SHA-256 | fab13e0223aabbf6ace0e2087124c53fee125106a1dea684d9fcfafa86b17a7e
Mandriva Linux Security Advisory 2008-062
Posted Mar 12, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.12.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-0304, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0418, CVE-2008-0591
SHA-256 | 9ff0744156668166c4e03c21ca64c0864dd42bc9e497d903ea8be0be2de146f0
Ubuntu Security Notice 582-1
Posted Mar 3, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 582-1 - It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information.

tags | advisory, denial of service, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2008-0420, CVE-2008-0412, CVE-2008-0413, CVE-2008-0415, CVE-2008-0304, CVE-2008-0418
SHA-256 | 31cdcf9f6b4dbcf4037d4938a5ae251012454561f1854e5d8d3001e650377ca6
Debian Linux Security Advisory 1506-1
Posted Feb 25, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1506-1 - Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 4d6770cb76971796c0c006804774e270cb0405f86c9beab21b4cd6b10e03f9e2
Mandriva Linux Security Advisory 2008-048
Posted Feb 23, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 482bde078069b0f18326aa099ea41d73c4a617640b3a89f8d56895efe646567c
Debian Linux Security Advisory 1485-1
Posted Feb 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1485-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. These allow for arbitrary code execution, privilege escalation, and more.

tags | advisory, remote, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 3e365dbba800b6a4e94ab3b87d1dd00796811c3c9dbbac66c1a4e7f09cdfe00b
Debian Linux Security Advisory 1484-1
Posted Feb 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1484-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. These allow for arbitrary code execution, privilege escalation, and more.

tags | advisory, remote, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 76893811c4f62f4d878db38c6c63452a69841359f89e44634b5fbcb09b8b7296
Debian Linux Security Advisory 1489-1
Posted Feb 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1489-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. These include arbitrary code execution, privilege escalation, and directory traversal flaws.

tags | advisory, remote, web, arbitrary, vulnerability, code execution
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 43e48acc32823c671aa5d0ce96fb6032885f942a876e0b4cc572d9328be2fee6
Ubuntu Security Notice 576-1
Posted Feb 8, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 576-1 - Code execution, cross site scripting, arbitrary upload, and a large amount of other vulnerabilities have been patched in Firefox.

tags | advisory, arbitrary, vulnerability, code execution, xss
systems | linux, ubuntu
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0416, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0420, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | 6e23fc127e8464927d11756844b98df4706dfdbbb98e8fae12e67bec66a1da4d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close