CVE-2008-5016

Published: Nov 13, 2008Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other consequences.

Affected (42)

Products: Mozilla: Firefox, Seamonkey, Thunderbird

3 products

Configuration A

42 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 3.0.3
Mozilla Firefox	Version 3.0.1
Mozilla Firefox	Version 3.0.2
Mozilla Firefox	Version 3.0
Mozilla Firefox	Version 3.0 alpha
Mozilla Firefox	Version 3.0 beta2
Mozilla Firefox	Version 3.0 beta5
Mozilla Seamonkey	Up to 1.1.12
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.2
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.4
Mozilla Seamonkey	Version 1.0.5
Mozilla Seamonkey	Version 1.0.6
Mozilla Seamonkey	Version 1.0.7
Mozilla Seamonkey	Version 1.0.8
Mozilla Seamonkey	Version 1.0.9
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0 alpha
Mozilla Seamonkey	Version 1.0 beta
Mozilla Seamonkey	Version 1.1.10
Mozilla Seamonkey	Version 1.1.11
Mozilla Seamonkey	Version 1.1.1
Mozilla Seamonkey	Version 1.1.2
Mozilla Seamonkey	Version 1.1.3
Mozilla Seamonkey	Version 1.1.4
Mozilla Seamonkey	Version 1.1.5
Mozilla Seamonkey	Version 1.1.6
Mozilla Seamonkey	Version 1.1.7
Mozilla Seamonkey	Version 1.1.8
Mozilla Seamonkey	Version 1.1.9
Mozilla Seamonkey	Version 1.1
Mozilla Seamonkey	Version 1.1 alpha
Mozilla Seamonkey	Version 1.1 beta
Mozilla Thunderbird	Up to 2.0.0.17
Mozilla Thunderbird	Version 2.0.0.0
Mozilla Thunderbird	Version 2.0.0.12
Mozilla Thunderbird	Version 2.0.0.14
Mozilla Thunderbird	Version 2.0.0.4
Mozilla Thunderbird	Version 2.0.0.5
Mozilla Thunderbird	Version 2.0.0.6
Mozilla Thunderbird	Version 2.0.0.9

Related CWEs

References (52)

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html

Source: secalert@redhat.com

http://secunia.com/advisories/32684

Source: secalert@redhat.com

http://secunia.com/advisories/32694

Source: secalert@redhat.com

http://secunia.com/advisories/32695

Source: secalert@redhat.com

http://secunia.com/advisories/32713

Source: secalert@redhat.com

http://secunia.com/advisories/32721

Source: secalert@redhat.com

http://secunia.com/advisories/32778

Source: secalert@redhat.com

http://secunia.com/advisories/32798

Source: secalert@redhat.com

http://secunia.com/advisories/34501

Source: secalert@redhat.com

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Source: secalert@redhat.com

http://ubuntu.com/usn/usn-667-1

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2008:230

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2008:235

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2008/mfsa2008-52.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-0976.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0977.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2008-0978.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/32281

Source: secalert@redhat.com

http://www.securitytracker.com/id?1021183

Source: secalert@redhat.com

http://www.us-cert.gov/cas/techalerts/TA08-319A.html

Source: secalert@redhat.com

US Government Resource

http://www.vupen.com/english/advisories/2008/3146

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2009/0977

Source: secalert@redhat.com

https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206%2C453406%2C458637%2C444864%2C452157%2C449111%2C444260%2C457375%2C433429%2C443528%2C430394

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11356

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32684

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32694

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32695

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32713

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32721

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32778

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/32798

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34501

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://ubuntu.com/usn/usn-667-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2008:230

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2008:235

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/2008/mfsa2008-52.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-0976.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0977.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2008-0978.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/32281

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1021183

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.us-cert.gov/cas/techalerts/TA08-319A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2008/3146

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/0977

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/buglist.cgi?bug_id=439206%2C453406%2C458637%2C444864%2C452157%2C449111%2C444260%2C457375%2C433429%2C443528%2C430394

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11356

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.