CVE-2008-0017 (retired)

Priority
Description
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x
before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13
does not check for an allocation failure, which allows remote attackers to
cause a denial of service (crash) and possibly execute arbitrary code via
an HTTP index response with a crafted 200 header, which triggers memory
corruption and a buffer overflow.
Assigned-to
asac
Package
Upstream:released (2.0.0.18)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Upstream:released (1.8.1.18)
Package
Upstream:released (1.9.0.4)
More Information

Updated: 2019-08-23 08:32:03 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)