VDB
CVE-2008-4064
CVE-2008-4064
PUBLISHED
Reported by redhat · Published September 24, 2008
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Timeline
- Sep 24, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 5, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 32025 third-party-advisoryx_refsource_SECUNIA
- 32011 third-party-advisoryx_refsource_SECUNIA
- 1020916 vdb-entryx_refsource_SECTRACK
- 32096 third-party-advisoryx_refsource_SECUNIA
- x_refsource_CONFIRM
- USN-645-1 vendor-advisoryx_refsource_UBUNTU
- oval:org.mitre.oval:def:11743 vdb-entrysignaturex_refsource_OVAL
- ADV-2009-0977 vdb-entryx_refsource_VUPEN
- USN-645-2 vendor-advisoryx_refsource_UBUNTU
- 31346 vdb-entryx_refsource_BID
- SUSE-SA:2008:050 vendor-advisoryx_refsource_SUSE
- x_refsource_CONFIRM
- 32196 third-party-advisoryx_refsource_SECUNIA
- FEDORA-2008-8425 vendor-advisoryx_refsource_FEDORA
- x_refsource_CONFIRM
- ADV-2008-2661 vdb-entryx_refsource_VUPEN
- SSA:2008-269-02 vendor-advisoryx_refsource_SLACKWARE
- 32095 third-party-advisoryx_refsource_SECUNIA
- 32089 third-party-advisoryx_refsource_SECUNIA
- 256408 vendor-advisoryx_refsource_SUNALERT
…and 10 more