New Search

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.

oval:org.mitre.oval:def:10206

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2 Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • CentOS Linux 4
  • CentOS Linux 5
  • Red Hat Enterprise Linux 3
  • Oracle Linux 5
  • Red Hat Enterprise Linux 5
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2008-4062
Product(s):