CVE-2008-1237 — Mozilla Firefox vulnerability

CWE-39911 documents6 sources

Severity

9.3CRITICALNVD

NVD6.8

EPSS

26.0%

top 3.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird

Timeline

PublishedMar 27

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶NVDmozilla/firefox2.0.0.12+14

▶NVDmozilla/seamonkey1.1.8+20

▶NVDmozilla/thunderbird2.0.0.12+12

🔴Vulnerability Details

GHSA

GHSA-ccj2-5237-2hj8: Multiple unspecified vulnerabilities in Mozilla Firefox before 2↗2022-05-01

▶

GHSA

GHSA-q7cx-jxvc-hrmp: The JavaScript engine in Mozilla Firefox before 2↗2022-05-01

▶

💥Exploits & PoCs

Exploit-DB

Apple Mac OSX xnu 1228.3.13 - 'macfsstat' Local Kernel Memory Leak/Denial of Service↗2009-03-23

▶

Exploit-DB

Apple Mac OSX xnu 1228.3.13 - 'Profil' Kernel Memory Leak/Denial of Service (PoC)↗2009-03-23

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2008-05-06

▶

Red Hat

Firefox JavaScript garbage collection crash↗2008-04-16

▶

Ubuntu

Firefox vulnerabilities↗2008-03-26

▶

Red Hat

javascript crashes↗2008-03-25

▶

💬Community

Bugzilla

CVE-2008-1237 javascript crashes↗2008-03-24

▶