漏洞信息详情
Mozilla Firefox 块回流拒绝服务漏洞
- CNNVD编号:CNNVD-200807-109
- 危害等级: 超危
- CVE编号: CVE-2008-2811
- 漏洞类型: 资源管理错误
- 发布时间: 2008-07-07
- 威胁类型: 远程
- 更新时间: 2009-04-16
- 厂 商: mozilla
- 漏洞来源: moz_bug_r_a4※ moz_...
漏洞简介
Firefox是Mozilla所发布的开源WEB浏览器。 块回流进程中的漏洞可能导致崩溃或执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: http://www.mozilla.com/en-US/Firefox/all.HTML
参考网址
来源: US-CERT 名称: VU#607267 链接:http://www.kb.cert.org/vuls/id/607267 来源: FEDORA 名称: FEDORA-2008-6196 链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.HTML 来源: FEDORA 名称: FEDORA-2008-6193 链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.HTML 来源: FEDORA 名称: FEDORA-2008-6127 链接:https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.HTML 来源: FEDORA 名称: FEDORA-2008-6706 链接:https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.HTML 来源: FEDORA 名称: FEDORA-2008-6737 链接:https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.HTML 来源: issues.rpath.com 链接:https://issues.rpath.com/browse/RPL-2646 来源: bugzilla.mozilla.org 链接:https://bugzilla.mozilla.org/show_bug.cgi?id=439735 来源: VUPEN 名称: ADV-2009-0977 链接:http://www.vupen.com/english/advisories/2009/0977 来源: UBUNTU 名称: USN-629-1 链接:http://www.ubuntu.com/usn/usn-629-1 来源: UBUNTU 名称: USN-619-1 链接:http://www.ubuntu.com/usn/usn-619-1 来源: SECTRACK 名称: 1020419 链接:http://www.securitytracker.com/id?1020419 来源: BID 名称: 30038 链接:http://www.securityfocus.com/bid/30038 来源: BUGTRAQ 名称: 20080708 rPSA-2008-0216-1 Firefox 链接:http://www.securityfocus.com/archive/1/archive/1/494080/100/0/threaded 来源: REDHAT 名称: RHSA-2008:0569 链接:http://www.redhat.com/support/errata/RHSA-2008-0569.HTML 来源: REDHAT 名称: RHSA-2008:0549 链接:http://www.redhat.com/support/errata/RHSA-2008-0549.HTML 来源: REDHAT 名称: RHSA-2008:0547 链接:http://www.redhat.com/support/errata/RHSA-2008-0547.HTML 来源: www.mozilla.org 链接:http://www.mozilla.org/security/announce/2008/mfsa2008-33.HTML 来源: www.mozilla.org 链接:http://www.mozilla.org/projects/security/known-vulnerabilities.HTML#Firefox2.0.0.15 来源: MANDRIVA 名称: MDVSA-2008:155 链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:155 来源: MANDRIVA 名称: MDVSA-2008:136 链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:136 来源: VUPEN 名称: ADV-2008-1993 链接:http://www.frsirt.com/english/advisories/2008/1993/references 来源: DEBIAN 名称: DSA-1697 链接:http://www.debian.org/security/2009/dsa-1697 来源: DEBIAN 名称: DSA-1621 链接:http://www.debian.org/security/2008/dsa-1621 来源: DEBIAN 名称: DSA-1615 链接:http://www.debian.org/security/2008/dsa-1615 来源: DEBIAN 名称: DSA-1607 链接:http://www.debian.org/security/2008/dsa-1607 来源: wiki.rpath.com 链接:http://wiki.rpath.com/Advisories:rPSA-2008-0216 来源: SUNALERT 名称: 256408 链接:http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 来源: SLACKWARE 名称: SSA:2008-210-05 链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484 来源: SLACKWARE 名称: SSA:2008-191 链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911 来源: SLACKWARE 名称: SSA:2008-191-03 链接:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152 来源: GENTOO 名称: GLSA-200808-03 链接:http://security.gentoo.org/glsa/glsa-200808-03.xml 来源: SECUNIA 名称: 34501 链接:http://secunia.com/advisories/34501 来源: SECUNIA 名称: 33433 链接:http://secunia.com/advisories/33433 来源: SECUNIA 名称: 31403 链接:http://secunia.com/advisories/31403 来源: SECUNIA 名称: 31377 链接:http://secunia.com/advisories/31377 来源: SECUNIA 名称: 31286 链接:http://secunia.com/advisories/31286 来源: SECUNIA 名称: 31253 链接:http://secunia.com/advisories/31253 来源: SECUNIA 名称: 31220 链接:http://secunia.com/advisories/31220 来源: SECUNIA 名称: 31195 链接:http://secunia.com/advisories/31195 来源: SECUNIA 名称: 31183 链接:http://secunia.com/advisories/31183 来源: SECUNIA 名称: 31069 链接:http://secunia.com/advisories/31069 来源: SECUNIA 名称: 31023 链接:http://secunia.com/advisories/31023 来源: SECUNIA 名称: 31021 链接:http://secunia.com/advisories/31021 来源: SECUNIA 名称: 31008 链接:http://secunia.com/advisories/31008 来源: SECUNIA 名称: 31005 链接:http://secunia.com/advisories/31005 来源: SECUNIA 名称: 30949 链接:http://secunia.com/advisories/30949 来源: SECUNIA 名称: 30915 链接:http://secunia.com/advisories/30915 来源: SECUNIA 名称: 30911 链接:http://secunia.com/advisories/30911 来源: SECUNIA 名称: 30903 链接:http://secunia.com/advisories/30903 来源: SECUNIA 名称: 30898 链接:http://secunia.com/advisories/30898 来源: SECUNIA 名称: 30878 链接:http://secunia.com/advisories/30878 来源: REDHAT 名称: RHSA-2008:0616 链接:http://rhn.redhat.com/errata/RHSA-2008-0616.HTML 来源: SUSE 名称: SUSE-SA:2008:034 链接:http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.HTML
受影响实体
- Mozilla Thunderbird:2.0.0.14
- Mozilla Seamonkey:1.1.9
- Mozilla Firefox:2.0.0.14
- Mozilla Thunderbird:2.0.0.9
- Mozilla Thunderbird:2.0.0.8
补丁
暂无
评论