CVE-2008-5013 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5013
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5013

Description: Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically unloads itself from an outside JavaScript function," which triggers an access of an expired memory address.

CVE Status: Candidate

References: SUSE http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 ST 1021181 SAID Secunia Advisory: SA32693 Secunia Advisory: SA32694 Secunia Advisory: SA32714 Secunia Advisory: SA33433 Secunia Advisory: SA34501 Secunia Advisory: SA32845 REDHAT http://www.redhat.com/support/errata/RHSA-2008-0977.html MISC MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 DEBIAN http://www.debian.org/security/2009/dsa-1697 http://www.debian.org/security/2008/dsa-1671 http://www.debian.org/security/2008/dsa-1669 CONFIRM http://www.mozilla.org/security/announce/2008/mfsa2008-49.html CERT http://www.us-cert.gov/cas/techalerts/TA08-319A.html BID 32281

Return to the previous page.