Vulnerability Description
The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web page that contains "a simple set of legitimate HTML tags."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 3.0 |
Related Weaknesses (CWE)
References
- http://blog.mozilla.com/security/2008/07/30/low-risk-denial-of-service-in-firefo
- http://www.radware.com/newsevents/pressrelease.aspx?id=6459
- http://www.securityfocus.com/bid/30486
- https://bugzilla.mozilla.org/show_bug.cgi?id=448564
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44169
- http://blog.mozilla.com/security/2008/07/30/low-risk-denial-of-service-in-firefo
- http://www.radware.com/newsevents/pressrelease.aspx?id=6459
- http://www.securityfocus.com/bid/30486
- https://bugzilla.mozilla.org/show_bug.cgi?id=448564
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44169
FAQ
What is CVE-2008-3444?
CVE-2008-3444 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The content layout component in Mozilla Firefox 3.0 and 3.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted but well-formed web pa...
How severe is CVE-2008-3444?
CVE-2008-3444 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3444?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.