Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-2785
Description:Mozilla Firefox before and 3.x before 3.0.1, Thunderbird before, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-2785
BugTraq ID: 29802
Bugtraq: 20080717 ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability (Google Search)
Bugtraq: 20080729 rPSA-2008-0238-1 firefox (Google Search)
Debian Security Information: DSA-1614 (Google Search)
Debian Security Information: DSA-1615 (Google Search)
Debian Security Information: DSA-1621 (Google Search)
Debian Security Information: DSA-1697 (Google Search)
RedHat Security Advisories: RHSA-2008:0597
RedHat Security Advisories: RHSA-2008:0598
RedHat Security Advisories: RHSA-2008:0599
RedHat Security Advisories: RHSA-2008:0616
XForce ISS Database: firefox-unspecified-code-execution(43167)

© 1998-2021 E-Soft Inc. All rights reserved.