Launchpad.net

CVE 2008-2811

The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.

Related bugs and status

CVE-2008-2811 (Candidate) is related to these bugs:

Bug #218534: [Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14

		In	Importance	Status
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu)	Undecided	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu Dapper)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu Dapper)	Undecided	Invalid
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu Dapper)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu Dapper)	Undecided	Invalid
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu Feisty)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu Feisty)	Undecided	Invalid
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu Feisty)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu Feisty)	Critical	Invalid
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu Gutsy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu Gutsy)	Undecided	Invalid
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu Gutsy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu Gutsy)	Undecided	Won't Fix
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu Hardy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu Hardy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu Hardy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu Hardy)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	firefox (Ubuntu Intrepid)	Undecided	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	seamonkey (Ubuntu Intrepid)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	thunderbird (Ubuntu Intrepid)	Critical	Fix Released
218534	[Needs Packaging] JavaScript vulnerability in Firefox/Thunderbird/SeaMonkey/Xulrunner before 2.0.0.14/1.1.10/1.8.1.14	xulrunner (Ubuntu Intrepid)	Critical	Fix Released

Bug #254618: Please update xulrunner to 1.8.1.16 version.

Summary				In	Importance	Status
	254618	Please update xulrunner to 1.8.1.16 version.		xulrunner (Ubuntu)	High	Fix Released
	254618	Please update xulrunner to 1.8.1.16 version.		xulrunner (Ubuntu Hardy)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
UBUNTU: USN-619-1
BID: 30038
SECUNIA: 30911
CONFIRM: https://issues.rpath.c...
FEDORA: FEDORA-2008-6127
FEDORA: FEDORA-2008-6193
FEDORA: FEDORA-2008-6196
MANDRIVA: MDVSA-2008:136
REDHAT: RHSA-2008:0547
REDHAT: RHSA-2008:0549
REDHAT: RHSA-2008:0569
SUSE: SUSE-SA:2008:034
CERT-VN: VU#607267
SECTRACK: 1020419
SECUNIA: 30915
SECUNIA: 30878
SECUNIA: 30898
SECUNIA: 30903
SECUNIA: 30949
SECUNIA: 31005
SECUNIA: 31008
DEBIAN: DSA-1607
DEBIAN: DSA-1615
REDHAT: RHSA-2008:0616
SECUNIA: 31069
SECUNIA: 31023
SECUNIA: 31183
SECUNIA: 31195
DEBIAN: DSA-1621
FEDORA: FEDORA-2008-6706
FEDORA: FEDORA-2008-6737
GENTOO: GLSA-200808-03
MANDRIVA: MDVSA-2008:155
UBUNTU: USN-629-1
SECUNIA: 31220
SECUNIA: 31253
SECUNIA: 31377
SECUNIA: 31286
SECUNIA: 31403
CONFIRM: http://wiki.rpath.com/...
SECUNIA: 31021
DEBIAN: DSA-1697
SECUNIA: 33433
SUNALERT: 256408
SECUNIA: 34501
VUPEN: ADV-2009-0977
VUPEN: ADV-2008-1993
SECUNIA: 31076
SLACKWARE: SSA:2008-191-03
SLACKWARE: SSA:2008-210-05
SLACKWARE: SSA:2008-191
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20080708 rPSA-2008-021...