CVE-2008-5021

Name of the Vulnerable Software and Affected Versions Firefox versions 3.x through 3.0.3 Firefox versions 2.x through 2.0.0.17 Thunderbird versions 2.x through 2.0.0.17 SeaMonkey versions 1.x through 1.1.12

Description The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. Multiple vulnerabilities in various packages of the Debian GNU/Linux operating system can lead to a violation of confidentiality, integrity, and availability of protected information, and can be exploited remotely.

Recommendations For Firefox versions 3.x through 3.0.3, update to version 3.0.4 or later. For Firefox versions 2.x through 2.0.0.17, update to version 2.0.0.18 or later. For Thunderbird versions 2.x through 2.0.0.17, update to version 2.0.0.18 or later. For SeaMonkey versions 1.x through 1.1.12, update to version 1.1.13 or later.