Vulnerability Note VU#607267
Mozilla Firefox code execution vulnerability
Mozilla Firefox versions prior to 22.214.171.124 contain a vulnerability that may allow an attacker to execute code.
Versions of Mozilla Firefox prior to 126.96.36.199 contain a buffer overflow vulnerability. Browsers such as SeaMonkey and Epiphany that use Mozilla's rendering engine may also be affected.
Per Mozilla Foundation Security Advisory 2008-33:
This vulnerability does not affect Firefox 3.
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a vulnerable browser to crash.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Mozilla||Affected||-||02 Jul 2008|
CVSS Metrics (Learn More)
Mozilla credits Security research firm Astabis for reporting this vulnerability.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2008-2811
- Date Public: 02 Jul 2008
- Date First Published: 02 Jul 2008
- Date Last Updated: 03 Jul 2008
- Severity Metric: 7.17
- Document Revision: 8
If you have feedback, comments, or additional information about this vulnerability, please send us email.