CVE-2008-2419 (retired)

Priority
Description
Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of
service (heap corruption and application crash) or possibly execute
arbitrary code by triggering an error condition during certain Iframe
operations between a JSframe write and a JSframe close, as demonstrated by
an error in loading an empty Java applet defined by a 'src="javascript:"'
sequence.
Notes
jdstrandfirefox 3 not affected. seems a simple DoS, but will elevate if
evidence of ability to execute code
mdeslaurupstream couldn't reproduce, ignoring.
Package
Upstream:needs-triage
Package
Upstream:not-affected
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-10-09 07:11:02 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)