Lucene search
Ubuntu.comUB:CVE-2008-4058HistorySep 24, 2008 - 12:00 a.m.
CVE-2008-4058
2008-09-2400:00:00
ubuntu.com
ubuntu.com
17
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.083
Percentile
94.5%
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before
3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows
remote attackers to “pollute XPCNativeWrappers” and execute arbitrary code
with chrome privileges via vectors related to (1) chrome XBL and (2) chrome
JS.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080614e-0ubuntu3 | UNKNOWN |
| ubuntu | 7.04 | noarch | firefox | < 2.0.0.17+0nobinonly-0ubuntu0.7.4 | UNKNOWN |
| ubuntu | 7.10 | noarch | firefox | < 2.0.0.17+1nobinonly-0ubuntu0.7.10 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox | < 2.0.0.17+1nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 10.04 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 10.10 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | firefox | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu1 | UNKNOWN |
| ubuntu | 9.04 | noarch | firefox-3.0 | < 3.0.3+build1+nobinonly-0ubuntu1 | UNKNOWN |
Related
cvelist
cvelist
CVE-2008-4058
2008-09-24 18:00:00
cve
cve
CVE-2008-4058
2008-09-24 20:37:04
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:25:31
prion
prion
Code injection
2008-09-24 20:37:00
nvd
nvd
CVE-2008-4058
2008-09-24 20:37:04
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-41
2008-09-29 00:00:00
mozilla
mozilla
Privilege escalation via XPCnativeWrapper pollution — Mozilla
2008-09-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: epiphany-extensions-2.22.1-4.fc9
2008-09-28 18:40:02
[SECURITY] Fedora 9 Update: kazehakase-0.5.5-1.fc9.1
2008-09-28 18:40:02
[SECURITY] Fedora 9 Update: mozvoikko-0.9.5-3.fc9
2008-09-28 18:40:02
openvas
openvas
RedHat Update for firefox RHSA-2008:0879-01
2009-03-06 00:00:00
Fedora Update for chmsee FEDORA-2008-8425
2009-02-17 00:00:00
Fedora Update for devhelp FEDORA-2008-8399
2009-02-17 00:00:00
nessus
nessus
Fedora 9 : Miro-1.2.4-3.fc9 / blam-1.8.5-2.fc9 / cairo-dock-1.6.2.3-1.fc9.1 / chmsee-1.0.1-5.fc9 / etc (2008-8425)
2008-09-29 00:00:00
Fedora 8 : Miro-1.2.3-4.fc8 / blam-1.8.3-18.fc8 / cairo-dock-1.6.2.3-1.fc8.1 / chmsee-1.0.0-4.31.fc8 / etc (2008-8399)
2008-09-29 00:00:00
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
oraclelinux
oraclelinux
firefox security update
2008-09-24 00:00:00
thunderbird security update
2008-10-01 00:00:00
seamonkey security update
2008-09-24 00:00:00
centos
centos
devhelp, firefox, nss, xulrunner, yelp security update
2008-09-24 14:24:39
thunderbird security update
2008-10-03 18:55:22
seamonkey security update
2008-09-24 14:22:25
redhat
redhat
(RHSA-2008:0879) Critical: firefox security update
2008-09-23 00:00:00
(RHSA-2008:0908) Moderate: thunderbird security update
2008-10-01 00:00:00
(RHSA-2008:0882) Critical: seamonkey security update
2008-09-23 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2008-09-26 00:00:00
osv
osv
iceweasel - several vulnerabilities
2008-10-08 00:00:00
debian
debian
[SECURITY] [DSA 1649-1] New iceweasel packages fix several vulnerabilities
2008-10-08 20:15:55
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.083
Percentile
94.5%
Related for UB:CVE-2008-4058