CVE-2008-4324

EUVD-2008-4305
The user interface event dispatcher in Mozilla Firefox 3.0.3 on Windows XP SP2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a series of keypress, click, onkeydown, onkeyup, onmousedown, and onmouseup events.  NOTE: it was later reported that Firefox 3.0.2 on Mac OS X 10.5 is also affected.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
3.0.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
dapper
ignored
feisty
ignored
gutsy
ignored
hardy
ignored
firefox-3.0
dapper
dne
feisty
dne
gutsy
ignored
hardy
ignored
iceape
dapper
dne
feisty
dne
gutsy
ignored
hardy
dne
icedove
dapper
dne
feisty
dne
gutsy
dne
hardy
dne
iceweasel
dapper
dne
feisty
dne
gutsy
dne
hardy
dne
mozilla-thunderbird
dapper
ignored
feisty
ignored
gutsy
dne
hardy
dne
seamonkey
dapper
dne
feisty
dne
gutsy
dne
hardy
ignored
thunderbird
dapper
dne
feisty
dne
gutsy
ignored
hardy
ignored
xulrunner
dapper
dne
feisty
ignored
gutsy
ignored
hardy
ignored
xulrunner-1.9
dapper
dne
feisty
dne
gutsy
ignored
hardy
ignored
Common Weakness Enumeration
References
http://evilfingers.com/advisory/Firefox_User_Interface_Null_Pointer_Dereference_Dispatcher_Crash_n_Remote_DoS.php
http://secunia.com/advisories/32040
http://securityreason.com/securityalert/4321
http://www.secniche.org/moz303.html
http://www.secniche.org/moz303/index.html
http://www.securityfocus.com/archive/1/496807/100/0/threaded
http://www.securityfocus.com/archive/1/496846/100/0/threaded
http://www.securityfocus.com/bid/31476
https://www.exploit-db.com/exploits/6614
http://evilfingers.com/advisory/Firefox_User_Interface_Null_Pointer_Dereference_Dispatcher_Crash_n_Remote_DoS.php
http://secunia.com/advisories/32040
http://securityreason.com/securityalert/4321
http://www.secniche.org/moz303.html
http://www.secniche.org/moz303/index.html
http://www.securityfocus.com/archive/1/496807/100/0/threaded
http://www.securityfocus.com/archive/1/496846/100/0/threaded
http://www.securityfocus.com/bid/31476
https://www.exploit-db.com/exploits/6614