CVE-2008-1237 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2008-1237

CVE-2008-1237

March 27, 2008

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.

Related Resources (53)

http://www.debian.org/security/2008/dsa-1532

http://secunia.com/advisories/29391

http://secunia.com/advisories/29560

http://www.vupen.com/english/advisories/2008/1793/references

http://secunia.com/advisories/29607

http://secunia.com/advisories/30620

http://www.redhat.com/support/errata/RHSA-2008-0207.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:155

http://www.securityfocus.com/bid/28448

http://secunia.com/advisories/29550

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html

http://secunia.com/advisories/29558

http://secunia.com/advisories/29526

http://secunia.com/advisories/29539

http://secunia.com/advisories/29616

http://secunia.com/advisories/29541

http://secunia.com/advisories/29645

http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313

http://www.redhat.com/support/errata/RHSA-2008-0209.html

http://www.ubuntu.com/usn/usn-592-1

http://www.ubuntu.com/usn/usn-605-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1

http://secunia.com/advisories/31043

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html

http://www.debian.org/security/2008/dsa-1534

http://www.securityfocus.com/archive/1/490196/100/0/threaded

http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

http://secunia.com/advisories/30094

http://secunia.com/advisories/29548

http://secunia.com/advisories/30105

http://www.securitytracker.com/id?1019695

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9651

http://www.us-cert.gov/cas/techalerts/TA08-087A.html

http://www.mandriva.com/security/advisories?name=MDVSA-2008:080

http://secunia.com/advisories/30192

http://www.mozilla.org/security/announce/2008/mfsa2008-15.html

http://www.vupen.com/english/advisories/2008/2091/references

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html

http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml

http://rhn.redhat.com/errata/RHSA-2008-0208.html

http://www.debian.org/security/2008/dsa-1574

https://exchange.xforce.ibmcloud.com/vulnerabilities/41446

https://access.redhat.com/security/cve/CVE-2008-1237

http://www.vupen.com/english/advisories/2008/0999/references

http://www.debian.org/security/2008/dsa-1535

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

http://secunia.com/advisories/30016

https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1237

http://secunia.com/advisories/30370

http://www.vupen.com/english/advisories/2008/0998/references

http://secunia.com/advisories/29547

http://secunia.com/advisories/30327

Do you need more information?

CVSS v4

Base Score:

6.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Attack Requirements

NONE

Privileges Required

NONE

User Interaction

NONE

Vulnerable System Confidentiality

LOW

Vulnerable System Integrity

LOW

Vulnerable System Availability

LOW

Subsequent System Confidentiality

NONE

Subsequent System Integrity

NONE

Subsequent System Availability

NONE

CVSS v3

Base Score:

5.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

CVSS v2

Base Score:

6.8

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

EPSS

Base Score:

26.05