CVE-2008-5021
EUVD-2008-500013.11.2008, 11:30
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 2.0 ≤ 𝑥 < 2.0.0.18 |
| mozilla | firefox | 3.0 ≤ 𝑥 < 3.0.4 |
| mozilla | seamonkey | 1.0 ≤ 𝑥 < 1.1.13 |
| mozilla | thunderbird | 2.0 ≤ 𝑥 < 2.0.0.18 |
| debian | debian_linux | 4.0 |
| canonical | ubuntu_linux | 6.06 |
| canonical | ubuntu_linux | 7.10 |
| canonical | ubuntu_linux | 8.04 |
| canonical | ubuntu_linux | 8.10 |
| novell | open_enterprise_server | - |
| opensuse | opensuse | 10.2 |
| opensuse | opensuse | 10.3 |
| opensuse | opensuse | 11.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| firefox |
| ||||||||
| firefox-3.0 |
| ||||||||
| iceape |
| ||||||||
| icedove |
| ||||||||
| iceweasel |
| ||||||||
| mozilla-thunderbird |
| ||||||||
| seamonkey |
| ||||||||
| thunderbird |
| ||||||||
| xulrunner |
| ||||||||
| xulrunner-1.9 |
|
References