CVE-2008-4070 — Vulnetix

Try Vulnetix Request Demo

CVE-2008-4070 PUBLISHED

Reported by redhat · Published September 27, 2008

Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Sep 27, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 27, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Oct 10, 2023 EPSS Score

References

32025 third-party-advisoryx_refsource_SECUNIA
DSA-1697 vendor-advisoryx_refsource_DEBIAN
x_refsource_CONFIRM
MDVSA-2008:206 vendor-advisoryx_refsource_MANDRIVA
32010 third-party-advisoryx_refsource_SECUNIA
ADV-2009-0977 vdb-entryx_refsource_VUPEN
SUSE-SA:2008:050 vendor-advisoryx_refsource_SUSE
mozilla-newsgroupmessage-bo(45426) vdb-entryx_refsource_XF
32196 third-party-advisoryx_refsource_SECUNIA
oval:org.mitre.oval:def:10933 vdb-entrysignaturex_refsource_OVAL
33433 third-party-advisoryx_refsource_SECUNIA
SSA:2008-269-02 vendor-advisoryx_refsource_SLACKWARE
1020948 vdb-entryx_refsource_SECTRACK
256408 vendor-advisoryx_refsource_SUNALERT
32092 third-party-advisoryx_refsource_SECUNIA
DSA-1696 vendor-advisoryx_refsource_DEBIAN
USN-647-1 vendor-advisoryx_refsource_UBUNTU
x_refsource_CONFIRM
33434 third-party-advisoryx_refsource_SECUNIA
SSA:2008-270-01 vendor-advisoryx_refsource_SLACKWARE

…and 5 more

Open in Interactive Console →