7.5

CVE-2008-4058

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version < 2.0.0.17
MozillaFirefox Version >= 3.0 < 3.0.2
MozillaSeamonkey Version < 1.1.12
MozillaThunderbird Version < 2.0.0.17
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version7.04
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.08% 0.912
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/33433
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Third Party Advisory
http://secunia.com/advisories/33434
Third Party Advisory
http://www.debian.org/security/2009/dsa-1696
Third Party Advisory
http://secunia.com/advisories/34501
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Broken Link
http://www.vupen.com/english/advisories/2009/0977
Third Party Advisory
http://download.novell.com/Download?buildid=WZXONb-tqBw~
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
Third Party Advisory
http://secunia.com/advisories/31984
Third Party Advisory
http://secunia.com/advisories/31985
Third Party Advisory
http://secunia.com/advisories/32010
Third Party Advisory
http://secunia.com/advisories/32012
Third Party Advisory
http://secunia.com/advisories/32042
Third Party Advisory
http://secunia.com/advisories/32044
Third Party Advisory
http://secunia.com/advisories/32082
Third Party Advisory
http://secunia.com/advisories/32092
Third Party Advisory
http://secunia.com/advisories/32144
Third Party Advisory
http://secunia.com/advisories/32185
Third Party Advisory
http://secunia.com/advisories/32196
Third Party Advisory
http://secunia.com/advisories/32845
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123
Third Party Advisory
http://www.debian.org/security/2008/dsa-1649
Third Party Advisory
http://www.debian.org/security/2008/dsa-1669
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0882.html
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0908.html
Third Party Advisory
http://www.ubuntu.com/usn/usn-645-1
Third Party Advisory
http://www.ubuntu.com/usn/usn-645-2
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2661
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
Third Party Advisory
http://secunia.com/advisories/32007
Third Party Advisory
http://secunia.com/advisories/32025
Third Party Advisory
http://www.securityfocus.com/bid/31346
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-647-1
Third Party Advisory
http://secunia.com/advisories/31987
Third Party Advisory
http://secunia.com/advisories/32011
Third Party Advisory
http://secunia.com/advisories/32089
Third Party Advisory
http://secunia.com/advisories/32095
Third Party Advisory
http://secunia.com/advisories/32096
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0879.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
Vendor Advisory
http://www.securitytracker.com/id?1020915
Third Party Advisory
VDB Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=444075
Vendor Advisory
Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=444077
Vendor Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/45349
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679
Third Party Advisory