1. Home
  2. Vulnerabilities
  3. CVE-2008-2807

CVE-2008-2807

CVSS v2.0 5 (Medium)
50% Progress
EPSS 1.66 % (88th)
1.66% Progress
Affected Products 2
Advisories 9
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2008-07-07 23:41:00
(16 years ago)
Updated Date
2018-10-11 20:44:05
(6 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 2.0.0.14 and prior versions cpe:2.3:a:mozilla:firefox <= 2.0.0.14
  Mozilla Firefox 2.0 cpe:2.3:a:mozilla:firefox:2.0
  Mozilla Firefox 2.0.0.1 cpe:2.3:a:mozilla:firefox:2.0.0.1
  Mozilla Firefox 2.0.0.2 cpe:2.3:a:mozilla:firefox:2.0.0.2
  Mozilla Firefox 2.0.0.3 cpe:2.3:a:mozilla:firefox:2.0.0.3
  Mozilla Firefox 2.0.0.4 cpe:2.3:a:mozilla:firefox:2.0.0.4
  Mozilla Firefox 2.0.0.5 cpe:2.3:a:mozilla:firefox:2.0.0.5
  Mozilla Firefox 2.0.0.6 cpe:2.3:a:mozilla:firefox:2.0.0.6
  Mozilla Firefox 2.0.0.7 cpe:2.3:a:mozilla:firefox:2.0.0.7
  Mozilla Firefox 2.0.0.8 cpe:2.3:a:mozilla:firefox:2.0.0.8
  Mozilla Firefox 2.0.0.9 cpe:2.3:a:mozilla:firefox:2.0.0.9
  Mozilla Firefox 2.0.0.10 cpe:2.3:a:mozilla:firefox:2.0.0.10
  Mozilla Firefox 2.0.0.11 cpe:2.3:a:mozilla:firefox:2.0.0.11
  Mozilla Firefox 2.0.0.12 cpe:2.3:a:mozilla:firefox:2.0.0.12
  Mozilla Firefox 2.0.0.13 cpe:2.3:a:mozilla:firefox:2.0.0.13
  Mozilla Seamonkey 1.1.9 and prior versions cpe:2.3:a:mozilla:seamonkey <= 1.1.9
  Mozilla Seamonkey 1.1 cpe:2.3:a:mozilla:seamonkey:1.1
  Mozilla Seamonkey 1.1.2 cpe:2.3:a:mozilla:seamonkey:1.1.2
  Mozilla Seamonkey 1.1.3 cpe:2.3:a:mozilla:seamonkey:1.1.3
  Mozilla Seamonkey 1.1.4 cpe:2.3:a:mozilla:seamonkey:1.1.4
  Mozilla Seamonkey 1.1.5 cpe:2.3:a:mozilla:seamonkey:1.1.5
  Mozilla Seamonkey 1.1.6 cpe:2.3:a:mozilla:seamonkey:1.1.6
  Mozilla Seamonkey 1.1.7 cpe:2.3:a:mozilla:seamonkey:1.1.7
  Mozilla Seamonkey 1.1.8 cpe:2.3:a:mozilla:seamonkey:1.1.8