Vulnerability & Exploit Database

Displaying entries 1 - 10 of 11 in total

Results for: CVE-2008-3836 Back to search

USN-1017-1: MySQL vulnerabilities Vulnerability

  • Severity: 5
  • Published: January 14, 2011

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."

USN-1397-1: MySQL vulnerabilities Vulnerability

  • Severity: 9
  • Published: July 13, 2009

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM...

SUSE Linux Security Advisory: SUSE-SA:2008:050 Vulnerability

  • Severity: 10
  • Published: September 27, 2008

Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."

USN-645-1: Firefox and xulrunner vulnerabilities Vulnerability

  • Severity: 10
  • Published: September 24, 2008

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2...

SUSE Linux Security Vulnerability: CVE-2008-3836 Vulnerability

  • Severity: 8
  • Published: September 24, 2008

feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.

Gentoo Linux: CVE-2008-3836: Mozilla Products: Multiple vulnerabilities Vulnerability

  • Severity: 8
  • Published: September 24, 2008

feedWriter in Mozilla Firefox before 2.0.0.17 allows remote attackers to execute scripts with chrome privileges via vectors related to feed preview and the (1) elem.doCommand, (2) elem.dispatchEvent, (3) _setTitleText, (4) _setTitleImage, and (5) _initSubscriptionUI functions.

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 10
  • Published: September 24, 2008

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2...

Mozilla Firefox Multiple Vulnerabilities Fixed in versions 2.0.0.17 and 3.0.2 Vulnerability

  • Severity: 10
  • Published: September 23, 2008

The URL parsing implementation contains a stack-based buffer overflow that could allow remote attackers to execute arbitrary code via a specially crafted URL in a link. (CVE-2008-0016)

The nsXMLDocument::OnChannelRedirect function could allow remote attackers to bypass the same-origin po...

Sun Patch: Mozilla 1.7_x86: Mozilla Firefox Web browser Vulnerability

  • Severity: 10
  • Published: March 10, 2008

The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.