Launchpad.net

CVE 2008-0413

The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2) certain uses of watch and eval, (3) certain uses of the mousedown event listener, and other vectors.

Related bugs and status

CVE-2008-0413 (Candidate) is related to these bugs:

Bug #195693: [iceape] several vulnerabilities

Summary				In	Importance	Status
	195693	[iceape] several vulnerabilities		iceape (Ubuntu)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
CONFIRM: http://wiki.rpath.com/...
DEBIAN: DSA-1484
DEBIAN: DSA-1485
DEBIAN: DSA-1489
REDHAT: RHSA-2008:0103
REDHAT: RHSA-2008:0104
REDHAT: RHSA-2008:0105
UBUNTU: USN-576-1
BID: 27683
SECTRACK: 1019321
SECUNIA: 28818
SECUNIA: 28754
SECUNIA: 28758
SECUNIA: 28766
SECUNIA: 28808
SECUNIA: 28815
SECUNIA: 28839
SECUNIA: 28864
SECUNIA: 28865
SECUNIA: 28877
SECUNIA: 28879
FEDORA: FEDORA-2008-1435
FEDORA: FEDORA-2008-1459
FEDORA: FEDORA-2008-1535
SECUNIA: 28924
SECUNIA: 28939
CONFIRM: http://browser.netscap...
DEBIAN: DSA-1506
MANDRIVA: MDVSA-2008:048
SUSE: SUSE-SA:2008:008
SECUNIA: 28958
SECUNIA: 29049
SECUNIA: 29086
CONFIRM: http://wiki.rpath.com/...
FEDORA: FEDORA-2008-2060
FEDORA: FEDORA-2008-2118
UBUNTU: USN-582-1
SECUNIA: 29167
CONFIRM: http://wiki.rpath.com/...
CONFIRM: https://issues.rpath.c...
MANDRIVA: MDVSA-2008:062
UBUNTU: USN-582-2
SECUNIA: 29098
SECUNIA: 29164
SECUNIA: 29211
SECUNIA: 30327
SUNALERT: 239546
SECUNIA: 31043
GENTOO: GLSA-200805-18
SUNALERT: 238492
SECUNIA: 30620
VUPEN: ADV-2008-0453
VUPEN: ADV-2008-0454
VUPEN: ADV-2008-0627
VUPEN: ADV-2008-2091
VUPEN: ADV-2008-1793
SLACKWARE: SSA:2008-061-01
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080209 rPSA-2008-005...
BUGTRAQ: 20080212 FLEA-2008-000...
BUGTRAQ: 20080229 rPSA-2008-009...