CVE-2008-5500

Published: Dec 17, 2008Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.

Affected (10)

Products: Mozilla: Firefox, Seamonkey, Thunderbird · Canonical: Ubuntu Linux · Debian: Debian Linux

3 products

1 product

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	From 2.0 to 2.0.0.19
Mozilla Firefox	From 3.0 to 3.0.5
Mozilla Seamonkey	From 1.0 to 1.1.14
Mozilla Thunderbird	From 2.0 to 2.0.0.19

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 6.06
Canonical Ubuntu Linux	Version 7.10
Canonical Ubuntu Linux	Version 8.04
Canonical Ubuntu Linux	Version 8.10

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 4.0
Debian Debian Linux	Version 5.0

Related CWEs

CWE-399

References (86)

http://secunia.com/advisories/33184

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33188

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33189

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33203

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33204

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33205

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33216

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33231

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33232

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33408

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33415

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33421

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33433

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33434

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33523

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33547

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/34501

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/35080

Source: secalert@redhat.com

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Source: secalert@redhat.com

Broken Link

http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1

Source: secalert@redhat.com

Broken Link

http://www.debian.org/security/2009/dsa-1696

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2009/dsa-1697

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2009/dsa-1704

Source: secalert@redhat.com

Third Party Advisory

http://www.debian.org/security/2009/dsa-1707

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:244

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:245

Source: secalert@redhat.com

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2009:012

Source: secalert@redhat.com

Third Party Advisory

http://www.mozilla.org/security/announce/2008/mfsa2008-60.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2008-1036.html

Source: secalert@redhat.com

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-1037.html

Source: secalert@redhat.com

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2009-0002.html

Source: secalert@redhat.com

Third Party Advisory

http://www.securityfocus.com/bid/32882

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1021417

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/usn-690-2

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/usn-701-1

Source: secalert@redhat.com

Third Party Advisory

http://www.ubuntu.com/usn/usn-701-2

Source: secalert@redhat.com

Third Party Advisory

http://www.vupen.com/english/advisories/2009/0977

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=460803

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://bugzilla.mozilla.org/show_bug.cgi?id=464998

Source: secalert@redhat.com

Issue TrackingVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/47406

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11053

Source: secalert@redhat.com

Third Party Advisory

https://usn.ubuntu.com/690-1/

Source: secalert@redhat.com

Third Party Advisory

https://usn.ubuntu.com/690-3/

Source: secalert@redhat.com

Third Party Advisory

http://secunia.com/advisories/33184