Home > Vulnerability Database > CVE-2008-5013

Mend.io Vulnerability Database

CVE-2008-5013

Date: November 13, 2008

Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address.

Severity Score

8.1

Related Resources (30)

Url: http://secunia.com/advisories/32694

Url: http://www.debian.org/security/2009/dsa-1697

Url: http://secunia.com/advisories/32693

Url: http://secunia.com/advisories/32714

Url: http://secunia.com/advisories/32778

Url: http://secunia.com/advisories/32853

Url: http://www.securityfocus.com/bid/32281

Url: http://www.us-cert.gov/cas/techalerts/TA08-319A.html

Url: http://ubuntu.com/usn/usn-667-1

Url: http://www.vupen.com/english/advisories/2009/0977

Url: http://www.redhat.com/support/errata/RHSA-2008-0977.html

Url: http://www.debian.org/security/2008/dsa-1669

Url: http://secunia.com/advisories/33433

Url: http://secunia.com/advisories/32684

Url: https://access.redhat.com/security/cve/CVE-2008-5013

Url: http://secunia.com/advisories/34501

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-5013

Url: http://www.debian.org/security/2008/dsa-1671

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:228

Url: http://www.mozilla.org/security/announce/2008/mfsa2008-49.html

Url: http://secunia.com/advisories/32845

Url: http://www.securitytracker.com/id?1021181

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9660

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=433610

Url: http://www.vupen.com/english/advisories/2008/3146

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-5013

Url: http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html

Url: https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html

Url: https://www.mend.io/vulnerability-database/CVE-2008-5013

Severity Score

8.1

Weakness Type (CWE)

Resource Management Errors

CWE-399

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2008-5013

Date: November 13, 2008

Severity Score

Related Resources (30)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?