Upstream information

CVE-2008-5017 at MITRE

Description

Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors.

SUSE information

Overall state of this security issue: Ignore

This issue is currently rated as having critical severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 10
Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 439841 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • epiphany-debuginfo >= 2.22.1.1-25.2
  • epiphany-debugsource >= 2.22.1.1-25.2
  • epiphany-extensions-debuginfo >= 2.22.0-37.2
  • epiphany-extensions-debugsource >= 2.22.0-37.2
  • mozilla-xulrunner181-debuginfo >= 1.8.1.18-0.1
  • mozilla-xulrunner181-debugsource >= 1.8.1.18-0.1
openSUSE 11.0
  • epiphany >= 2.22.1.1-25.2
  • epiphany-devel >= 2.22.1.1-25.2
  • epiphany-doc >= 2.22.1.1-25.2
  • epiphany-extensions >= 2.22.0-37.2
  • mozilla-xulrunner181 >= 1.8.1.18-0.1
  • mozilla-xulrunner181-32bit >= 1.8.1.18-0.1
  • mozilla-xulrunner181-64bit >= 1.8.1.18-0.1
  • mozilla-xulrunner181-devel >= 1.8.1.18-0.1
  • mozilla-xulrunner181-l10n >= 1.8.1.18-0.1
SUSE Linux Enterprise SDK 10 SP2
  • gecko-sdk >= 1.8.0.14eol-0.9
sle10-sp2-sdk.ppc
sles10-sp2.ia64
sle10-sp2-sdk.ia64
sle10-sp2-sdk.x86-64
sles10-sp2.x86-64
sled10-sp2.x86-64
sles10-sp2.ppc
sles10-sp2.s390x
sles10-sp2.x86
sled10-sp2.x86
sle10-sp2-sdk.x86
sle10-sp2-sdk.s390x
ZYPP Patch Nr: 5813
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • MozillaFirefox >= 1.5.0.12-0.15
  • MozillaFirefox-translations >= 1.5.0.12-0.15
sles9-nld.x86-64
sles9-nld.x86
YOU Patch Nr: 12296
Novell Linux Desktop 9 for x86
  • mozilla >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-hu >= 1.80_seamonkey_1.0.4-10
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.17
core9.x86
sles9-nlpos.x86
core9.x86-64
sles9-nld.x86
sles9-nld.x86-64
sles9-oes.x86
core9.ppc
core9.s390x
core9.s390
core9.ia64
YOU Patch Nr: 12300
Novell Linux Desktop 9 for x86_64
  • mozilla >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-hu >= 1.80_seamonkey_1.0.4-10
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-lib64 >= 1.8_seamonkey_1.0.9-0.7
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.17
core9.x86
sles9-nlpos.x86
core9.x86-64
sles9-nld.x86
sles9-nld.x86-64
sles9-oes.x86
core9.ppc
core9.s390x
core9.s390
core9.ia64
YOU Patch Nr: 12300
Open Enterprise Server
  • mozilla >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-calendar >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-cs >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-deat >= 1.8_seamonkey_1.0.4-0.12
  • mozilla-devel >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-dom-inspector >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-hu >= 1.80_seamonkey_1.0.4-10
  • mozilla-irc >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-mail >= 1.8_seamonkey_1.0.9-1.17
  • mozilla-venkman >= 1.8_seamonkey_1.0.9-1.17
core9.x86
sles9-nlpos.x86
core9.x86-64
sles9-nld.x86
sles9-nld.x86-64
sles9-oes.x86
core9.ppc
core9.s390x
core9.s390
core9.ia64
YOU Patch Nr: 12300
openSUSE 11.0
  • MozillaThunderbird-debuginfo >= 2.0.0.18-1.1
  • MozillaThunderbird-debugsource >= 2.0.0.18-1.1
openSUSE 11.0
  • MozillaThunderbird >= 2.0.0.18-1.1
  • MozillaThunderbird-devel >= 2.0.0.18-1.1
  • MozillaThunderbird-translations >= 2.0.0.18-1.1
openSUSE 11.0
  • seamonkey-debuginfo >= 1.1.13-1.1
  • seamonkey-debugsource >= 1.1.13-1.1
openSUSE 11.0
  • seamonkey >= 1.1.13-1.1
  • seamonkey-dom-inspector >= 1.1.13-1.1
  • seamonkey-irc >= 1.1.13-1.1
  • seamonkey-mail >= 1.1.13-1.1
  • seamonkey-spellchecker >= 1.1.13-1.1
  • seamonkey-venkman >= 1.1.13-1.1
openSUSE 11.0
  • MozillaFirefox-debuginfo >= 3.0.4-3.1
  • MozillaFirefox-debugsource >= 3.0.4-3.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.4-2.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.4-2.1
openSUSE 11.0
  • MozillaFirefox >= 3.0.4-3.1
  • MozillaFirefox-translations >= 3.0.4-3.1
  • mozilla-xulrunner190 >= 1.9.0.4-2.1
  • mozilla-xulrunner190-32bit >= 1.9.0.4-2.1
  • mozilla-xulrunner190-64bit >= 1.9.0.4-2.1
  • mozilla-xulrunner190-devel >= 1.9.0.4-2.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.4-2.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.4-2.1
  • mozilla-xulrunner190-gnomevfs-64bit >= 1.9.0.4-2.1
  • mozilla-xulrunner190-translations >= 1.9.0.4-2.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.4-2.1
  • mozilla-xulrunner190-translations-64bit >= 1.9.0.4-2.1