FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-1380

This CVE name corresponds to:

Entered	Topic
2008-04-25	firefox -- javascript garbage collector vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-1380 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2008-1380
Phase	Assigned(20080318)

Description

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.

References

Source	Reference
BUGTRAQ	20080508 FLEA-2008-0008-1 firefox
MISC	https://bugzilla.mozilla.org/show_bug.cgi?id=425576
CONFIRM	http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
DEBIAN	DSA-1555
DEBIAN	DSA-1558
DEBIAN	DSA-1562
DEBIAN	DSA-1696
FEDORA	FEDORA-2008-3231
FEDORA	FEDORA-2008-3264
FEDORA	FEDORA-2008-3519
FEDORA	FEDORA-2008-3557
GENTOO	GLSA-200808-03
GENTOO	GLSA-200805-18
MANDRIVA	MDVSA-2008:110
REDHAT	RHSA-2008:0222
REDHAT	RHSA-2008:0223
REDHAT	RHSA-2008:0224
SLACKWARE	SSA:2008-108-01
SLACKWARE	SSA:2008-191-03
SUNALERT	238492
SUSE	SUSE-SR:2008:011
SUSE	SUSE-SR:2008:013
UBUNTU	USN-602-1
CERT-VN	VU#441529
BID	28818
OVAL	oval:org.mitre.oval:def:10752
VUPEN	ADV-2008-1251
VUPEN	ADV-2008-1793
SECTRACK	1019873
SECUNIA	29787
SECUNIA	29860
SECUNIA	29912
SECUNIA	29908
SECUNIA	29883
SECUNIA	29911
SECUNIA	29947
SECUNIA	29793
SECUNIA	29828
SECUNIA	30012
SECUNIA	30029
SECUNIA	30327
SECUNIA	30717
SECUNIA	31023
SECUNIA	31377
SECUNIA	30192
SECUNIA	30620
SECUNIA	33434
XF	mozilla-garbage-code-execution(41857)