Unrated severityNVD Advisory· Published Apr 17, 2008· Updated Jun 16, 2026
CVE-2008-1380
CVE-2008-1380
Description
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
52cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=2.0.0.13
- cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
- (no CPE)range: <2.0.0.14
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <=1.1.9
- cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
- (no CPE)range: <1.1.10
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <=2.0.0.13
- cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*
- (no CPE)range: <2.0.0.14
Patches
Vulnerability mechanics
References
48- secunia.com/advisories/29787nvdPatchVendor Advisory
- secunia.com/advisories/29860nvdVendor Advisory
- www.kb.cert.org/vuls/id/441529nvdUS Government Resource
- lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.htmlnvd
- secunia.com/advisories/29793nvd
- secunia.com/advisories/29828nvd
- secunia.com/advisories/29883nvd
- secunia.com/advisories/29908nvd
- secunia.com/advisories/29911nvd
- secunia.com/advisories/29912nvd
- secunia.com/advisories/29947nvd
- secunia.com/advisories/30012nvd
- secunia.com/advisories/30029nvd
- secunia.com/advisories/30192nvd
- secunia.com/advisories/30327nvd
- secunia.com/advisories/30620nvd
- secunia.com/advisories/30717nvd
- secunia.com/advisories/31023nvd
- secunia.com/advisories/31377nvd
- secunia.com/advisories/33434nvd
- security.gentoo.org/glsa/glsa-200808-03.xmlnvd
- slackware.com/security/viewer.phpnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- www.debian.org/security/2008/dsa-1555nvd
- www.debian.org/security/2008/dsa-1558nvd
- www.debian.org/security/2008/dsa-1562nvd
- www.debian.org/security/2009/dsa-1696nvd
- www.gentoo.org/security/en/glsa/glsa-200805-18.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mozilla.org/security/announce/2008/mfsa2008-20.htmlnvd
- www.novell.com/linux/security/advisories/2008_13_sr.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0222.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0223.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0224.htmlnvd
- www.securityfocus.com/archive/1/491838/100/0/threadednvd
- www.securityfocus.com/bid/28818nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-602-1nvd
- www.vupen.com/english/advisories/2008/1251/referencesnvd
- www.vupen.com/english/advisories/2008/1793/referencesnvd
- bugzilla.mozilla.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41857nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10752nvd
- www.redhat.com/archives/fedora-package-announce/2008-April/msg00407.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-April/msg00463.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.htmlnvd
News mentions
0No linked articles in our index yet.