CVE-2008-4063Out-of-bounds Write in Mozilla Firefox

8 documents5 sources
Severity
9.3CRITICALNVD
EPSS
2.9%
top 13.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxCanonical Ubuntu Linux
Timeline
PublishedSep 24
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certai

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmozilla/firefox3.0.1+1

Also affects: Ubuntu Linux 6.06, 7.04, 7.10, 8.04

🔴Vulnerability Details

1
GHSA
GHSA-jrcw-h5xr-875m: Multiple unspecified vulnerabilities in Mozilla Firefox 32022-05-02

📋Vendor Advisories

5
Ubuntu
Thunderbird vulnerabilities2008-09-26
Ubuntu
Firefox and xulrunner regression2008-09-25
Ubuntu
Firefox vulnerabilities2008-09-24
Ubuntu
Firefox and xulrunner vulnerabilities2008-09-24
Red Hat
Mozilla crashes with evidence of memory corruption2008-09-23

💬Community

1
Bugzilla
CVE-2008-4063 Mozilla crashes with evidence of memory corruption2008-09-22