Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-a59b-rr52-b3hs
Vulnerability ID VCID-a59b-rr52-b3hs
Aliases CVE-2008-5017
Summary Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail. Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript such as large images.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.17422 https://api.first.org/data/v1/epss?cve=CVE-2008-5017
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2008-52
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5017.json
https://api.first.org/data/v1/epss?cve=CVE-2008-5017
470883 https://bugzilla.redhat.com/show_bug.cgi?id=470883
CVE-2008-5017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5017
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-52 https://www.mozilla.org/en-US/security/advisories/mfsa2008-52
RHSA-2008:0976 https://access.redhat.com/errata/RHSA-2008:0976
RHSA-2008:0977 https://access.redhat.com/errata/RHSA-2008:0977
RHSA-2008:0978 https://access.redhat.com/errata/RHSA-2008:0978
USN-667-1 https://usn.ubuntu.com/667-1/
USN-668-1 https://usn.ubuntu.com/668-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.9518
EPSS Score 0.17422
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T08:27:31.162660+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2008/mfsa2008-52.md 38.6.0