CVE-2008-5501Reachable Assertion in Mozilla Firefox

6 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
4.5%
top 10.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Mozilla FirefoxMozilla SeamonkeyCanonical Ubuntu Linux
Timeline
PublishedDec 17
Latest updateMay 14

Description

The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmozilla/firefox2.02.0.0.19+1
NVDmozilla/seamonkey1.01.1.14

Also affects: Ubuntu Linux 8.04, 8.10

🔴Vulnerability Details

2
GHSA
GHSA-4vx3-3xr8-7q3x: The layout engine in Mozilla Firefox 32022-05-14
CVEList
CVE-2008-5501: The layout engine in Mozilla Firefox 32008-12-17

📋Vendor Advisories

2
Ubuntu
Firefox and xulrunner vulnerabilities2008-12-17
Red Hat
Layout engine crash - Firefox 3 only2008-12-16

💬Community

1
Bugzilla
CVE-2008-5501 Layout engine crash - Firefox 3 only2008-12-12
CVE-2008-5501 — Reachable Assertion in Mozilla Firefox | cvebase