CVE-2008-4062Out-of-bounds Write in Mozilla Firefox

CWE-3999 documents6 sources
Severity
10.0CRITICALNVD
EPSS
2.9%
top 13.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Mozilla FirefoxMozilla SeamonkeyMozilla Thunderbird+2 more
Timeline
PublishedSep 24
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) intera

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

NVDmozilla/firefox3.03.0.2+1
NVDmozilla/seamonkey< 1.1.12
NVDmozilla/thunderbird< 2.0.0.17

Also affects: Debian Linux 4.0, Ubuntu Linux 6.06, 7.04, 7.10, 8.04

🔴Vulnerability Details

2
GHSA
GHSA-3wj5-57jg-38cx: Multiple unspecified vulnerabilities in Mozilla Firefox before 22022-05-02
CVEList
CVE-2008-4062: Multiple unspecified vulnerabilities in Mozilla Firefox before 22008-09-24

📋Vendor Advisories

5
Ubuntu
Thunderbird vulnerabilities2008-09-26
Ubuntu
Firefox and xulrunner regression2008-09-25
Ubuntu
Firefox vulnerabilities2008-09-24
Ubuntu
Firefox and xulrunner vulnerabilities2008-09-24
Red Hat
Mozilla crashes with evidence of memory corruption2008-09-23

💬Community

1
Bugzilla
CVE-2008-4062 Mozilla crashes with evidence of memory corruption2008-09-22
CVE-2008-4062 — Out-of-bounds Write in Mozilla Firefox | cvebase