CVE-2008-0412

Impact:
Critical
Public Date:
2008-02-07
Bugzilla:
431732: CVE-2008-0412 Mozilla layout engine crashes

The MITRE CVE dictionary describes this issue as:

The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableFrame::GetFrameAtOrBefore, (2) nsAccessibilityService::GetAccessible, (3) nsBindingManager::GetNestedInsertionPoint, (4) nsXBLPrototypeBinding::AttributeChanged, (5) nsColumnSetFrame::GetContentInsertionFrame, and (6) nsLineLayout::TrimTrailingWhiteSpaceIn methods, and other vectors.

Find out more about CVE-2008-0412 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2008:0105 2008-02-08
Red Hat Enterprise Linux version 4 (seamonkey) RHSA-2008:0104 2008-02-08
Red Hat Enterprise Linux version 4 (firefox) RHSA-2008:0103 2008-02-08
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2008:0104 2008-02-08
Red Hat Enterprise Linux version 5 (firefox) RHSA-2008:0103 2008-02-08
Red Hat Enterprise Linux Desktop version 5 (thunderbird) RHSA-2008:0105 2008-02-08
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2008:0104 2008-02-08
Red Hat Enterprise Linux Optional Productivity Applications version 5 (thunderbird) RHSA-2008:0105 2008-02-08