CVE-2008-1236 — Mozilla Firefox vulnerability

CWE-3997 documents6 sources

Severity

6.8MEDIUMNVD

EPSS

26.0%

top 3.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird

Timeline

PublishedMar 27

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶NVDmozilla/firefox2.0.0.12

▶NVDmozilla/seamonkey1.1.8

▶NVDmozilla/thunderbird2.0.0.12

🔴Vulnerability Details

GHSA

GHSA-w4rq-q5f9-w548: Multiple unspecified vulnerabilities in Mozilla Firefox before 2↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)↗2009-03-23

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2008-05-06

▶

Ubuntu

Firefox vulnerabilities↗2008-03-26

▶

Red Hat

browser engine crashes↗2008-03-25

▶

💬Community

Bugzilla

CVE-2008-1236 browser engine crashes↗2008-03-24

▶