CVE-2008-5715
Published: 24 December 2008
Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.
Notes
Author | Note |
---|---|
jdstrand | browser crash on Windows |
Priority
Status
Package | Release | Status |
---|---|---|
firefox Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Ignored
|
|
gutsy |
Ignored
|
|
hardy |
Ignored
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Ignored
|
|
hardy |
Ignored
|
|
intrepid |
Ignored
|
|
jaunty |
Ignored
|
|
iceweasel Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
xulrunner Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Ignored
|
|
hardy |
Ignored
|
|
intrepid |
Ignored
|
|
jaunty |
Ignored
|
|
xulrunner-1.9 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Ignored
|
|
hardy |
Ignored
|
|
intrepid |
Ignored
|
|
jaunty |
Ignored
|
|
seamonkey Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Does not exist
|
|
hardy |
Ignored
|
|
intrepid |
Ignored
|
|
jaunty |
Ignored
|
|
iceape Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
dapper |
Does not exist
|
|
gutsy |
Ignored
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|