CVE-2008-5021

Upstream information

CVE-2008-5021 at MITRE

Description

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having critical severity.

CVSS v2 Scores
	National Vulnerability Database
Base Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C
Access Vector	Network
Access Complexity	Medium
Authentication	None
Confidentiality Impact	Complete
Integrity Impact	Complete
Availability Impact	Complete

SUSE Bugzilla entry: 439841 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SA:2008:055, published Wed, 26 Nov 2008 16:00:00 +0000
openSUSE-SU-2014:1100-1, published Tue, 9 Sep 2014 18:04:16 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
openSUSE Tumbleweed	`MozillaThunderbird >= 91.1.1-1.1` `MozillaThunderbird-translations-common >= 91.1.1-1.1` `MozillaThunderbird-translations-other >= 91.1.1-1.1`	Patchnames: openSUSE Tumbleweed GA MozillaThunderbird-91.1.1-1.1

CVE-2008-5021

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

List of released packages

SUSE Linux Enterprise

SUSE Rancher

Solutions

Industries

Support

Services

Resources

Partners

Communities

About