CVE-2008-5715
Published: 24 December 2008
Mozilla Firefox 3.0.5 on Windows Vista allows remote attackers to cause a denial of service (application crash) via JavaScript code with a long string value for the hash property (aka location.hash). NOTE: it was later reported that earlier versions are also affected, and that the impact is CPU consumption and application hang in unspecified circumstances perhaps involving other platforms.
Notes
| Author | Note |
|---|---|
| jdstrand | browser crash on Windows |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
dapper |
Ignored
|
| gutsy |
Ignored
|
|
| hardy |
Ignored
|
|
| intrepid |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
firefox-3.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Ignored
|
|
| hardy |
Ignored
|
|
| intrepid |
Ignored
|
|
| upstream |
Needs triage
|
|
|
iceape Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Ignored
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
iceweasel Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Does not exist
|
|
| intrepid |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
seamonkey Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Does not exist
|
|
| hardy |
Ignored
|
|
| intrepid |
Ignored
|
|
| upstream |
Needs triage
|
|
|
xulrunner Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Ignored
|
|
| hardy |
Ignored
|
|
| intrepid |
Ignored
|
|
| upstream |
Needs triage
|
|
|
xulrunner-1.9 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| gutsy |
Ignored
|
|
| hardy |
Ignored
|
|
| intrepid |
Ignored
|
|
| upstream |
Needs triage
|