VDB
CVE-2008-4070
CVE-2008-4070
PUBLISHED
Reported by redhat · Published September 27, 2008
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages."
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Exploit Intelligence
- https://bugzilla.mozilla.org/show_bug.cgi?id=425152 (vulncheck-nvd)
Timeline
- Sep 27, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 2, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 27, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- 32025 third-party-advisoryx_refsource_SECUNIA
- DSA-1697 vendor-advisoryx_refsource_DEBIAN
- x_refsource_CONFIRM
- MDVSA-2008:206 vendor-advisoryx_refsource_MANDRIVA
- 32010 third-party-advisoryx_refsource_SECUNIA
- ADV-2009-0977 vdb-entryx_refsource_VUPEN
- SUSE-SA:2008:050 vendor-advisoryx_refsource_SUSE
- mozilla-newsgroupmessage-bo(45426) vdb-entryx_refsource_XF
- 32196 third-party-advisoryx_refsource_SECUNIA
- oval:org.mitre.oval:def:10933 vdb-entrysignaturex_refsource_OVAL
- 33433 third-party-advisoryx_refsource_SECUNIA
- SSA:2008-269-02 vendor-advisoryx_refsource_SLACKWARE
- 1020948 vdb-entryx_refsource_SECTRACK
- 256408 vendor-advisoryx_refsource_SUNALERT
- 32092 third-party-advisoryx_refsource_SECUNIA
- DSA-1696 vendor-advisoryx_refsource_DEBIAN
- USN-647-1 vendor-advisoryx_refsource_UBUNTU
- x_refsource_CONFIRM
- 33434 third-party-advisoryx_refsource_SECUNIA
- SSA:2008-270-01 vendor-advisoryx_refsource_SLACKWARE
…and 5 more