CVE-2008-0419Out-of-bounds Write in Mozilla Firefox

CWE-3995 documents5 sources
Severity
9.3CRITICALNVD
EPSS
18.7%
top 4.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedFeb 8
Latest updateMay 1

Description

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmozilla/firefox2.0.0.11

🔴Vulnerability Details

1
GHSA
GHSA-qh9w-47rq-86x3: Mozilla Firefox before 22022-05-01

📋Vendor Advisories

2
Ubuntu
Firefox vulnerabilities2008-02-08
Red Hat
Mozilla arbitrary code execution2008-02-07

💬Community

1
Bugzilla
CVE-2008-0419 Mozilla arbitrary code execution2008-02-06
CVE-2008-0419 — Out-of-bounds Write in Mozilla Firefox | cvebase