CVE-2008-0017 (retired)

Priority
Description
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x
before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13
does not check for an allocation failure, which allows remote attackers to
cause a denial of service (crash) and possibly execute arbitrary code via
an HTTP index response with a crafted 200 header, which triggers memory
corruption and a buffer overflow.
Assigned-to
asac
Notes
Package
Upstream:released (2.0.0.18)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Upstream:released (1.8.1.18)
Package
Upstream:released (1.9.0.4)
More Information

Updated: 2019-10-09 07:09:37 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)