Vulnerability Details : CVE-2008-4062
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the JavaScript engine and (1) misinterpretation of the characteristics of Namespace and QName in jsxml.c, (2) misuse of signed integers in the nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript garbage collection with certain use of an NPObject in the nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Products affected by CVE-2008-4062
- cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Threat overview for CVE-2008-4062
Top countries where our scanners detected CVE-2008-4062
Top open port discovered on systems with this issue
5555
IPs affected by CVE-2008-4062 121
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-4062!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-4062
1.03%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-4062
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2008-4062
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-4062
-
http://www.redhat.com/support/errata/RHSA-2008-0882.html
Third Party Advisory
-
http://secunia.com/advisories/32096
Third Party Advisory
-
http://secunia.com/advisories/32007
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205
Third Party Advisory
-
http://secunia.com/advisories/33433
About Secunia Research | FlexeraThird Party Advisory
-
http://secunia.com/advisories/32025
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2008-0908.html
Third Party Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html
Third Party Advisory
-
http://secunia.com/advisories/32095
Third Party Advisory
-
http://secunia.com/advisories/31987
Third Party Advisory
-
http://secunia.com/advisories/32012
Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-647-1
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-645-2
Third Party Advisory
-
http://www.ubuntu.com/usn/usn-645-1
Third Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2008:206
Third Party Advisory
-
http://www.debian.org/security/2009/dsa-1696
[SECURITY] [DSA 1696-1] New icedove packages fix several vulnerabilitiesThird Party Advisory
-
http://secunia.com/advisories/34501
About Secunia Research | FlexeraThird Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=444608
Issue Tracking;Vendor Advisory
-
http://secunia.com/advisories/32196
Third Party Advisory
-
http://www.securitytracker.com/id?1020916
Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/32082
Third Party Advisory
-
http://www.vupen.com/english/advisories/2008/2661
Third Party Advisory
-
http://secunia.com/advisories/31984
Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
Third Party Advisory
-
http://secunia.com/advisories/32042
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=367736
Issue Tracking;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/45355
Third Party Advisory;VDB Entry
-
http://www.debian.org/security/2008/dsa-1649
Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10206
Third Party Advisory
-
http://secunia.com/advisories/32010
Third Party Advisory
-
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232
Third Party Advisory
-
http://secunia.com/advisories/32089
Third Party Advisory
-
http://www.debian.org/security/2009/dsa-1697
[SECURITY] [DSA 1697-1] New iceape packages fix several vulnerabilitiesThird Party Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html
Third Party Advisory
-
http://www.securityfocus.com/bid/31346
Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/32044
Third Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Broken Link
-
http://secunia.com/advisories/32185
Third Party Advisory
-
http://secunia.com/advisories/32011
Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2008-0879.html
Third Party Advisory
-
http://www.debian.org/security/2008/dsa-1669
[SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilitiesThird Party Advisory
-
http://secunia.com/advisories/33434
About Secunia Research | FlexeraThird Party Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
Third Party Advisory
-
http://download.novell.com/Download?buildid=WZXONb-tqBw~
Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=445229
Issue Tracking;Vendor Advisory
-
http://www.vupen.com/english/advisories/2009/0977
Webmail: access your OVH emails on ovhcloud.com | OVHcloudThird Party Advisory
-
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
Vendor Advisory
-
http://secunia.com/advisories/32092
Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
Third Party Advisory
-
http://secunia.com/advisories/31985
Third Party Advisory
-
http://secunia.com/advisories/32144
Third Party Advisory
-
http://secunia.com/advisories/32845
About Secunia Research | FlexeraThird Party Advisory
Jump to