Upstream information

CVE-2008-0016 at MITRE

Description

Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 429179 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • MozillaThunderbird-debuginfo >= 2.0.0.17-0.1
  • MozillaThunderbird-debugsource >= 2.0.0.17-0.1
openSUSE 11.0
  • MozillaThunderbird >= 2.0.0.17-0.1
  • MozillaThunderbird-devel >= 2.0.0.17-0.1
  • MozillaThunderbird-translations >= 2.0.0.17-0.1
openSUSE 11.0
  • seamonkey-debuginfo >= 1.1.12-0.1
  • seamonkey-debugsource >= 1.1.12-0.1
openSUSE 11.0
  • seamonkey >= 1.1.12-0.1
  • seamonkey-dom-inspector >= 1.1.12-0.1
  • seamonkey-irc >= 1.1.12-0.1
  • seamonkey-mail >= 1.1.12-0.1
  • seamonkey-spellchecker >= 1.1.12-0.1
  • seamonkey-venkman >= 1.1.12-0.1
SUSE Linux Enterprise SDK 10 SP2
  • gecko-sdk >= 1.8.0.14eol-0.7
sled10-sp2.x86
sle10-sp1-sdk.x86
sles10.x86
sle10-sp2-sdk.x86
sles10.ppc
sle10-sp1-sdk.s390x
sled10.x86
sled10-sp2.x86-64
sle10-sp1-sdk.ppc
sles10-sp2.ia64
sles10-sp2.ppc
sles10.ia64
sles10-sp2.s390x
sle10-sp1-sdk.x86-64
sle10-sp2-sdk.ia64
sle10-sp2-sdk.x86-64
sles10-sp2.x86-64
sles10.x86-64
sled10.x86-64
sles10-sp2.x86
sles10.s390x
sle10-sp1-sdk.ia64
sle10-sp2-sdk.s390x
sle10-sp2-sdk.ppc
ZYPP Patch Nr: 5654
openSUSE 11.0
  • mozilla-xulrunner181-debuginfo >= 1.8.1.13-22.1
  • mozilla-xulrunner181-debugsource >= 1.8.1.13-22.1
openSUSE 11.0
  • mozilla-xulrunner181 >= 1.8.1.13-22.1
  • mozilla-xulrunner181-32bit >= 1.8.1.13-22.1
  • mozilla-xulrunner181-64bit >= 1.8.1.13-22.1
  • mozilla-xulrunner181-devel >= 1.8.1.13-22.1
  • mozilla-xulrunner181-l10n >= 1.8.1.13-22.1
Novell Linux Desktop 9 for x86
  • epiphany >= 1.2.10-0.7
  • epiphany-doc >= 1.2.10-0.7
  • epiphany-extensions >= 0.8.2-2.8
  • epiphany-extensions-devel >= 0.8.2-2.8
  • mozilla >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-hu >= 1.80_seamonkey_1.0.4-9
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.15
sles9-nld.x86
sles9-nld.x86-64
sles9-nlpos.x86
core9.ppc
core9.x86-64
core9.ia64
core9.s390
core9.s390x
sles9-oes.x86
core9.x86
YOU Patch Nr: 12264
Novell Linux Desktop 9 for x86_64
  • epiphany >= 1.2.10-0.7
  • epiphany-doc >= 1.2.10-0.7
  • epiphany-extensions >= 0.8.2-2.8
  • epiphany-extensions-devel >= 0.8.2-2.8
  • mozilla >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-hu >= 1.80_seamonkey_1.0.4-9
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-lib64 >= 1.8_seamonkey_1.0.9-0.6
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.15
sles9-nld.x86
sles9-nld.x86-64
sles9-nlpos.x86
core9.ppc
core9.x86-64
core9.ia64
core9.s390
core9.s390x
sles9-oes.x86
core9.x86
YOU Patch Nr: 12264
Open Enterprise Server
  • mozilla >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-calendar >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.11
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-hu >= 1.80_seamonkey_1.0.4-9
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.15
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.15
sles9-nld.x86
sles9-nld.x86-64
sles9-nlpos.x86
core9.ppc
core9.x86-64
core9.ia64
core9.s390
core9.s390x
sles9-oes.x86
core9.x86
YOU Patch Nr: 12264
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • MozillaFirefox >= 1.5.0.12-0.13
  • MozillaFirefox-translations >= 1.5.0.12-0.13
sles9-nld.x86-64
sles9-nld.x86
YOU Patch Nr: 12263