One bug to rule them all Firefox, IE, Safari, Opera, Chrome, Seamonkey

Risk: High
Local: No
Remote: Yes
CWE: CWE-399

CVSS Base Score: 7.1/10
Impact Subscore: 6.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: None
Availability impact: Complete

________________________________________________________________________ One bug to rule them all IE5,IE6,IE7,IE8,Netscape,Firefox,Safari,Opera,Konqueror, Seamonkey,Wii,PS3,iPhone,iPod,Nokia,Siemens.... and more. ________________________________________________________________________ Update/Changes : ---------------- Backround : ~~~~~~~~~~~ + I failed to include details about the nature of the bug (DOM), the root cause is a DOM flaw and not a Javascript flaw as the Backround info might have lead to think. Thanks James Schend for the heads up. + The bug was present in a 9 year old version of Netscape - draw your own conclusions. Patch availability : ~~~~~~~~~~~~~~~~~~~~ + Seamonkey 1.1.17 and SeaMonkey 2 (soon to be Beta) have been patched Affected Products : ~~~~~~~~~~~~~~~~~~~~ + Blackberry 8800/probably all (null ptr exception, browser crash) Thanks to "528-0444" for the Report. + Google G1 latest (Firmware 1.5, Kernel: 2.6.27-00393-g6607056, Build: CRB43) (Browser crash) Thanks Scott Fraser for the Report.


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022,


Back to Top