7.5

CVE-2008-4058

EPSS 2.43%
Published 24.09.2008 20:37:04
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.

Affected products Warnungen 0 Metrics 2 CWE 0 References 55

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version < 2.0.0.17

Mozilla ≫ Firefox Version >= 3.0 < 3.0.2

Mozilla ≫ Seamonkey Version < 1.1.12

Mozilla ≫ Thunderbird Version < 2.0.0.17

Debian ≫ Debian Linux Version4.0

Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts

Canonical ≫ Ubuntu Linux Version7.04

Canonical ≫ Ubuntu Linux Version7.10

Canonical ≫ Ubuntu Linux Version8.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.43%	0.846

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/33433

Third Party Advisory

http://www.debian.org/security/2009/dsa-1697

Third Party Advisory

http://secunia.com/advisories/33434

Third Party Advisory

http://www.debian.org/security/2009/dsa-1696

Third Party Advisory

http://secunia.com/advisories/34501

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

Broken Link

http://www.vupen.com/english/advisories/2009/0977

Third Party Advisory

http://download.novell.com/Download?buildid=WZXONb-tqBw~

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html

Third Party Advisory

http://secunia.com/advisories/31984

Third Party Advisory

http://secunia.com/advisories/31985

Third Party Advisory

http://secunia.com/advisories/32010

Third Party Advisory

http://secunia.com/advisories/32012

Third Party Advisory

http://secunia.com/advisories/32042

Third Party Advisory

http://secunia.com/advisories/32044

Third Party Advisory

http://secunia.com/advisories/32082

Third Party Advisory

http://secunia.com/advisories/32092

Third Party Advisory

http://secunia.com/advisories/32144

Third Party Advisory

http://secunia.com/advisories/32185

Third Party Advisory

http://secunia.com/advisories/32196

Third Party Advisory

http://secunia.com/advisories/32845

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123

Third Party Advisory

http://www.debian.org/security/2008/dsa-1649

Third Party Advisory

http://www.debian.org/security/2008/dsa-1669

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:205

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2008:206

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0882.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0908.html

Third Party Advisory

http://www.ubuntu.com/usn/usn-645-1

Third Party Advisory

http://www.ubuntu.com/usn/usn-645-2

Third Party Advisory

http://www.vupen.com/english/advisories/2008/2661

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html

Third Party Advisory

http://secunia.com/advisories/32007

Third Party Advisory

http://secunia.com/advisories/32025

Third Party Advisory

http://www.securityfocus.com/bid/31346

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-647-1

Third Party Advisory

http://secunia.com/advisories/31987

Third Party Advisory

http://secunia.com/advisories/32011

Third Party Advisory

http://secunia.com/advisories/32089

Third Party Advisory

http://secunia.com/advisories/32095

Third Party Advisory

http://secunia.com/advisories/32096

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2008-0879.html

Third Party Advisory

https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html

Third Party Advisory

http://www.mozilla.org/security/announce/2008/mfsa2008-41.html

Vendor Advisory

http://www.securitytracker.com/id?1020915

Third Party Advisory

VDB Entry

https://bugzilla.mozilla.org/show_bug.cgi?id=444075

Vendor Advisory

Issue Tracking

https://bugzilla.mozilla.org/show_bug.cgi?id=444077

Vendor Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/45349

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2008-4058

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4058

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4058

EUVD