CVE - CVE-2008-2785

CVE-ID
CVE-2008-2785	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20080717 ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability URL:http://www.securityfocus.com/archive/1/494504/100/0/threaded BUGTRAQ:20080729 rPSA-2008-0238-1 firefox URL:http://www.securityfocus.com/archive/1/494860/100/0/threaded MISC:http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30 MISC:http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation/ MISC:http://www.zerodayinitiative.com/advisories/ZDI-08-044/ CONFIRM:http://www.mozilla.org/security/announce/2008/mfsa2008-34.html CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=440230 CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0238 CONFIRM:https://issues.rpath.com/browse/RPL-2683 CONFIRM:http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=InfoDocument-patchbuilder-readme5031400 DEBIAN:DSA-1614 URL:http://www.debian.org/security/2008/dsa-1614 DEBIAN:DSA-1615 URL:http://www.debian.org/security/2008/dsa-1615 DEBIAN:DSA-1621 URL:http://www.debian.org/security/2008/dsa-1621 DEBIAN:DSA-1697 URL:http://www.debian.org/security/2009/dsa-1697 FEDORA:FEDORA-2008-6517 URL:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00667.html FEDORA:FEDORA-2008-6519 URL:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00672.html FEDORA:FEDORA-2008-6706 URL:https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html FEDORA:FEDORA-2008-6737 URL:https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html GENTOO:GLSA-200808-03 URL:http://security.gentoo.org/glsa/glsa-200808-03.xml MANDRIVA:MDVSA-2008:148 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:148 MANDRIVA:MDVSA-2008:155 URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:155 REDHAT:RHSA-2008:0597 URL:http://www.redhat.com/support/errata/RHSA-2008-0597.html REDHAT:RHSA-2008:0598 URL:http://www.redhat.com/support/errata/RHSA-2008-0598.html REDHAT:RHSA-2008:0599 URL:http://www.redhat.com/support/errata/RHSA-2008-0599.html REDHAT:RHSA-2008:0616 URL:http://rhn.redhat.com/errata/RHSA-2008-0616.html SLACKWARE:SSA:2008-198-01 URL:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380974 SLACKWARE:SSA:2008-198-02 URL:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.380767 SLACKWARE:SSA:2008-210-05 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484 SUNALERT:256408 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 UBUNTU:USN-623-1 URL:http://www.ubuntu.com/usn/usn-623-1 UBUNTU:USN-629-1 URL:http://www.ubuntu.com/usn/usn-629-1 UBUNTU:USN-626-1 URL:http://www.ubuntu.com/usn/usn-626-1 UBUNTU:USN-626-2 URL:http://www.ubuntu.com/usn/usn-626-2 BID:29802 URL:http://www.securityfocus.com/bid/29802 OVAL:oval:org.mitre.oval:def:9900 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9900 SECUNIA:34501 URL:http://secunia.com/advisories/34501 VUPEN:ADV-2008-1873 URL:http://www.vupen.com/english/advisories/2008/1873 SECTRACK:1020336 URL:http://www.securitytracker.com/id?1020336 SECUNIA:30761 URL:http://secunia.com/advisories/30761 SECUNIA:31122 URL:http://secunia.com/advisories/31122 SECUNIA:31121 URL:http://secunia.com/advisories/31121 SECUNIA:31129 URL:http://secunia.com/advisories/31129 SECUNIA:31157 URL:http://secunia.com/advisories/31157 SECUNIA:31144 URL:http://secunia.com/advisories/31144 SECUNIA:31145 URL:http://secunia.com/advisories/31145 SECUNIA:31154 URL:http://secunia.com/advisories/31154 SECUNIA:31176 URL:http://secunia.com/advisories/31176 SECUNIA:31183 URL:http://secunia.com/advisories/31183 SECUNIA:31195 URL:http://secunia.com/advisories/31195 SECUNIA:31220 URL:http://secunia.com/advisories/31220 SECUNIA:31270 URL:http://secunia.com/advisories/31270 SECUNIA:31261 URL:http://secunia.com/advisories/31261 SECUNIA:31253 URL:http://secunia.com/advisories/31253 SECUNIA:31306 URL:http://secunia.com/advisories/31306 SECUNIA:31377 URL:http://secunia.com/advisories/31377 SECUNIA:31286 URL:http://secunia.com/advisories/31286 SECUNIA:31403 URL:http://secunia.com/advisories/31403 SECUNIA:33433 URL:http://secunia.com/advisories/33433 VUPEN:ADV-2009-0977 URL:http://www.vupen.com/english/advisories/2009/0977 XF:firefox-unspecified-code-execution(43167) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/43167
Assigning CNA
N/A
Date Entry Created
20080619	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080619)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org