8.8
CVE-2008-2934
- EPSS 3.59%
- Veröffentlicht 18.07.2008 16:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.59% | 0.879 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.
http://secunia.com/advisories/31270
http://secunia.com/advisories/34501
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://www.ubuntu.com/usn/usn-626-1
http://www.vupen.com/english/advisories/2009/0977
http://secunia.com/advisories/31132
http://securitytracker.com/id?1020516
http://www.mozilla.org/security/announce/2008/mfsa2008-36.html
http://www.securityfocus.com/bid/30266
http://www.vupen.com/english/advisories/2008/2125
https://bugzilla.mozilla.org/show_bug.cgi?id=441360
https://exchange.xforce.ibmcloud.com/vulnerabilities/43850