Search for vulnerabilities
Vulnerability details: VCID-k11g-vmu6-aaad
Vulnerability ID VCID-k11g-vmu6-aaad
Aliases CVE-2008-0017
Summary CVE-2008-0017 Mozilla buffer overflow in http-index-format parser
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2008:0977
rhas Critical https://access.redhat.com/errata/RHSA-2008:0978
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.03961 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.04871 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.05822 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.0709 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.07175 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.08185 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.15807 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.21557 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.21557 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.21557 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
epss 0.21557 https://api.first.org/data/v1/epss?cve=CVE-2008-0017
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=470892
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2008-0017
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2008-54
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0017.json
https://api.first.org/data/v1/epss?cve=CVE-2008-0017
https://bugzilla.mozilla.org/show_bug.cgi?id=443299
http://secunia.com/advisories/32684
http://secunia.com/advisories/32693
http://secunia.com/advisories/32694
http://secunia.com/advisories/32695
http://secunia.com/advisories/32713
http://secunia.com/advisories/32714
http://secunia.com/advisories/32721
http://secunia.com/advisories/32778
http://secunia.com/advisories/32845
http://secunia.com/advisories/32853
http://secunia.com/advisories/33433
http://secunia.com/advisories/34501
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11005
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html
https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
http://ubuntu.com/usn/usn-667-1
http://www.debian.org/security/2008/dsa-1669
http://www.debian.org/security/2008/dsa-1671
http://www.debian.org/security/2009/dsa-1697
http://www.iss.net/threats/311.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:228
http://www.mandriva.com/security/advisories?name=MDVSA-2008:230
http://www.mozilla.org/security/announce/2008/mfsa2008-54.html
http://www.redhat.com/support/errata/RHSA-2008-0977.html
http://www.redhat.com/support/errata/RHSA-2008-0978.html
http://www.securityfocus.com/bid/32281
http://www.securitytracker.com/id?1021185
http://www.us-cert.gov/cas/techalerts/TA08-319A.html
http://www.vupen.com/english/advisories/2008/3146
http://www.vupen.com/english/advisories/2009/0977
470892 https://bugzilla.redhat.com/show_bug.cgi?id=470892
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
CVE-2008-0017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0017
CVE-2008-0017 https://nvd.nist.gov/vuln/detail/CVE-2008-0017
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2008-54 https://www.mozilla.org/en-US/security/advisories/mfsa2008-54
RHSA-2008:0977 https://access.redhat.com/errata/RHSA-2008:0977
RHSA-2008:0978 https://access.redhat.com/errata/RHSA-2008:0978
USN-667-1 https://usn.ubuntu.com/667-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-0017
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.87341
EPSS Score 0.03961
Published At April 6, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.