[Bug 256624] [NEW] [CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page
Alexander Konovalenko
alexkon at gmail.com
Sun Aug 10 14:25:43 UTC 2008
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: firefox-3.0
CVE-2008-3444 description:
"The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows
remote attackers to cause a denial of service (NULL pointer dereference
and application crash) via a crafted but well-formed web page that
contains "a simple set of legitimate HTML tags." "
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3444
More information:
http://blog.mozilla.com/security/2008/07/30/low-risk-denial-of-service-in-firefox/
https://bugzilla.mozilla.org/show_bug.cgi?id=448564 (private bug)
** Affects: firefox
Importance: Unknown
Status: Unknown
** Affects: firefox-3.0 (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3444
--
[CVE-2008-3444] Firefox 3.0.1 crash via a crafted but well-formed web page
https://bugs.launchpad.net/bugs/256624
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox-3.0 in ubuntu.
More information about the Ubuntu-mozillateam-bugs
mailing list