VDB
CVE-2008-4063
CVE-2008-4063
PUBLISHED
Reported by redhat · Published September 24, 2008
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Sep 24, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 5, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 32025 third-party-advisoryx_refsource_SECUNIA
- 32011 third-party-advisoryx_refsource_SECUNIA
- 1020916 vdb-entryx_refsource_SECTRACK
- x_refsource_CONFIRM
- 32096 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- USN-645-1 vendor-advisoryx_refsource_UBUNTU
- mozilla-firefox-layout-code-execution(45354) vdb-entryx_refsource_XF
- ADV-2009-0977 vdb-entryx_refsource_VUPEN
- USN-645-2 vendor-advisoryx_refsource_UBUNTU
- 31346 vdb-entryx_refsource_BID
- oval:org.mitre.oval:def:11151 vdb-entrysignaturex_refsource_OVAL
- SUSE-SA:2008:050 vendor-advisoryx_refsource_SUSE
- 32196 third-party-advisoryx_refsource_SECUNIA
- FEDORA-2008-8425 vendor-advisoryx_refsource_FEDORA
- ADV-2008-2661 vdb-entryx_refsource_VUPEN
- SSA:2008-269-02 vendor-advisoryx_refsource_SLACKWARE
- x_refsource_CONFIRM
- 32095 third-party-advisoryx_refsource_SECUNIA
- 32089 third-party-advisoryx_refsource_SECUNIA
…and 10 more