CVE-2008-2419

Mozilla Firefox - Resource Management Error

Title source: rule

Description

Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence.

Exploits (1)

exploitdb WORKING POC VERIFIED
by 0x000000 · htmldosmultiple
https://www.exploit-db.com/exploits/31817

References (3)

Scores

EPSS 0.1168
EPSS Percentile 93.7%

Details

CWE
CWE-399
Status published
Products (1)
mozilla/firefox 2.0.0.14
Published May 23, 2008
Tracked Since Feb 18, 2026