CVE-2008-5014

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.x through 3.0.1 Mozilla Firefox versions 2.x through 2.0.0.17 Thunderbird versions 2.x through 2.0.0.17 SeaMonkey versions 1.x through 1.1.12

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code by modifying the window. proto . proto object, triggering an assertion failure related to the OBJ IS NATIVE function. Multiple vulnerabilities in various Debian GNU/Linux packages, including libxul0d-dbg, libxul-dev, libsmjs1, libmozjs0d-dbg, libmozjs0d, libxul0d, libnss3-0d-dbg, libsmjs-dev, libnss3-0d, and libxul-common, can lead to disruption of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For Mozilla Firefox versions 3.x through 3.0.1, update to version 3.0.2 or later. For Mozilla Firefox versions 2.x through 2.0.0.17, update to version 2.0.0.18 or later. For Thunderbird versions 2.x through 2.0.0.17, update to version 2.0.0.18 or later. For SeaMonkey versions 1.x through 1.1.12, update to version 1.1.13 or later. As a temporary workaround, consider restricting access to sensitive information and monitoring for potential security breaches until the issue is resolved.