ID CVE-2008-4064
Summary Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
References
Vulnerable Configurations
  • Mozilla Firefox 3.0
    cpe:2.3:a:mozilla:firefox:3.0
  • Mozilla Firefox 3.0.1
    cpe:2.3:a:mozilla:firefox:3.0.1
CVSS
Base: 10.0 (as of 25-09-2008 - 14:17)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-270-01.NASL
    description New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 34300
    published 2008-09-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34300
    title Slackware 10.2 / 11.0 / 12.0 / 12.1 / current : mozilla-thunderbird (SSA:2008-270-01)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLATHUNDERBIRD-5655.NASL
    description This update brings Mozilla Thunderbird to version 2.0.0.17. It contains the following security fixes: MFSA 2008-46 / CVE-2008-4070: Heap overflow when canceling a newsgroup message MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht ml
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34345
    published 2008-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34345
    title openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5655)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLATHUNDERBIRD-081003.NASL
    description This update brings Mozilla Thunderbird to version 2.0.0.17. It contains the following security fixes: MFSA 2008-46 / CVE-2008-4070: Heap overflow when canceling a newsgroup message MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.ht ml
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 39893
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39893
    title openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-236)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GECKO-SDK-5654.NASL
    description This update backports lots of security fixes to mozilla-xulrunner package of SLES 10. It contains among others the following security fixes : - XBM image uninitialized memory reading. (MFSA 2008-45 / CVE-2008-4069) - resource: traversal vulnerabilities. (MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068) - BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug. (MFSA 2008-43) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. (MFSA 2008-42) - Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects. (MFSA 2008-41) - Forced mouse drag. (MFSA 2008-40 / CVE-2008-3837) - Privilege escalation using feed preview page and XSS flaw. (MFSA 2008-39 / CVE-2008-3836) - nsXMLDocument::OnChannelRedirect() same-origin violation. (MFSA 2008-38 / CVE-2008-3835) - UTF-8 URL stack buffer overflow. (MFSA 2008-37 / CVE-2008-0016) For more details: http://www.mozilla.org/security/known-vulnerabilities/firefo x20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34366
    published 2008-10-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34366
    title SuSE 10 Security Update : Mozilla (ZYPP Patch Number 5654)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_20017.NASL
    description The installed version of Thunderbird is affected by various security issues : - Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code (MFSA 2008-37). - It is possible to bypass the same-origin check in 'nsXMLDocument::OnChannelRedirect()' (MFSA 2008-38). - Privilege escalation is possible via 'XPCnativeWrapper' pollution (MFSA 2008-41). - There are several stability bugs in the browser engine that coould lead to crashes with evidence of memory corruption (MFSA 2008-42). - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks (MFSA 2008-43). - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can be used to bypass restrictions on local HTML files (MFSA 2008-44). - There is a heap-based buffer overflow that can be triggered when canceling a newsgroup message (MFSA 2008-46).
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 34294
    published 2008-09-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34294
    title Mozilla Thunderbird < 2.0.0.17 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SEAMONKEY-5657.NASL
    description This patch updates SeaMonkey to version 1.1.12, fixing security and other bugs : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow Details can be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
    last seen 2019-02-21
    modified 2016-12-27
    plugin id 34360
    published 2008-10-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34360
    title openSUSE 10 Security Update : seamonkey (seamonkey-5657)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_2273879E8A2F11DDA6FE0030843D3802.NASL
    description The Mozilla Foundation reports : MFSA 2008-37UTF-8 URL stack-based buffer overflow MFSA 2008-38nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-39Privilege escalation using feed preview page and XSS flaw MFSA 2008-40Forced mouse drag MFSA 2008-41Privilege escalation via XPCnativeWrapper pollution MFSA 2008-42Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) MFSA 2008-43BOM characters stripped from JavaScript before execution MFSA 2008-44resource: traversal vulnerabilities MFSA 2008-45XBM image uninitialized memory reading
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 34270
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34270
    title FreeBSD : mozilla -- multiple vulnerabilities (2273879e-8a2f-11dd-a6fe-0030843d3802)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_SEAMONKEY-081003.NASL
    description This patch updates SeaMonkey to version 1.1.12, fixing security and other bugs : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow Details can be found here: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 40130
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40130
    title openSUSE Security Update : seamonkey (seamonkey-238)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLA-XULRUNNER181-081002.NASL
    description This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 40071
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40071
    title openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-237)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2008-269-02.NASL
    description New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 34296
    published 2008-09-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34296
    title Slackware 11.0 / 12.0 / 12.1 / current : seamonkey (SSA:2008-269-02)
  • NASL family Windows
    NASL id SEAMONKEY_1112.NASL
    description The installed version of SeaMonkey is affected by various security issues : - Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code. (MFSA 2008-37) - It is possible to bypass the same-origin check in 'nsXMLDocument::OnChannelRedirect()'. (MFSA 2008-38) - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on. (MFSA 2008-40) - Privilege escalation is possible via 'XPCnativeWrapper' pollution. (MFSA 2008-41) - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2008-42) - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks. (MFSA 2008-43) - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files. (MFSA 2008-44) - A bug in the XBM decoder allows random small chunks of uninitialized memory to be read. (MFSA 2008-45) - There is a heap-based buffer overflow that can be triggered when canceling a newsgroup message. (MFSA 2008-46)
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 34269
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34269
    title SeaMonkey < 1.1.12 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201301-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 63402
    published 2013-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63402
    title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0879.NASL
    description An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 34274
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34274
    title RHEL 4 / 5 : firefox (RHSA-2008:0879)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0879.NASL
    description An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43709
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43709
    title CentOS 4 / 5 : firefox (CESA-2008:0879)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLA-XULRUNNER190-081002.NASL
    description This update brings the mozilla-xulrunner190 engine to version 1.9.0.3, fixing a number of bugs and security problems : MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40074
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40074
    title openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-234)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-647-1.NASL
    description It was discovered that the same-origin check in Thunderbird could be bypassed. If a user had JavaScript enabled and were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the browser engine of Thunderbird. If a user had JavaScript enabled, this could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Thunderbird. If a user had JavaScript enabled and were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks if a user had JavaScript enabled. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Thunderbird. If a user had JavaScript enabled and were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Georgi Guninski discovered that Thunderbird improperly handled cancelled newsgroup messages. If a user opened a crafted newsgroup message, an attacker could cause a buffer overrun and potentially execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4070). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 37910
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37910
    title Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : mozilla-thunderbird, thunderbird vulnerabilities (USN-647-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-3.NASL
    description USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes the problem. We apologize for the inconvenience. Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 38073
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38073
    title Ubuntu 8.04 LTS : firefox-3.0, xulrunner-1.9 regression (USN-645-3)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0879.NASL
    description From Red Hat Security Advisory 2008:0879 : An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section. All firefox users should upgrade to this updated package, which contains backported patches that correct these issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 67744
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67744
    title Oracle Linux 5 : firefox (ELSA-2008-0879)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080923_FIREFOX_ON_SL4_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2. You can find a link to the Mozilla advisories in the References section.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60475
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60475
    title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2008-8425.NASL
    description Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Several flaws were found in the way malformed web content was displayed. A web page containing specially crafted content could potentially trick a Firefox user into surrendering sensitive information. (CVE-2008-4067, CVE-2008-4068) A flaw was found in the way Firefox handles mouse click events. A web page containing specially crafted JavaScript code could move the content window while a mouse-button was pressed, causing any item under the pointer to be dragged. This could, potentially, cause the user to perform an unsafe drag-and-drop action. (CVE-2008-3837) A flaw was found in Firefox that caused certain characters to be stripped from JavaScript code. This flaw could allow malicious JavaScript to bypass or evade script filters. (CVE-2008-4065) For technical details regarding these flaws, please see the Mozilla security advisories for Firefox 3.0.2.[1] All Firefox users should upgrade to these updated packages, which contain patches that correct these issues. [1] http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 34308
    published 2008-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34308
    title Fedora 9 : Miro-1.2.4-3.fc9 / blam-1.8.5-2.fc9 / cairo-dock-1.6.2.3-1.fc9.1 / chmsee-1.0.1-5.fc9 / etc (2008-8425)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_302.NASL
    description The installed version of Firefox 3.0 is earlier than 3.0.2. Such versions are potentially affected by the following security issues : - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on (MFSA 2008-40). - Privilege escalation is possible via 'XPCnativeWrapper' pollution (MFSA 2008-41). - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption (MFSA 2008-42). - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks (MFSA 2008-43). - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files (MFSA 2008-44). - By tampering with the window.__proto__.__proto__ object, one can cause the browser to place a lock on a non- native object, leading to a crash and possible code execution. (MFSA 2008-50)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 34267
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34267
    title Firefox 3.0.x < 3.0.2 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLAFIREFOX-081002.NASL
    description This update brings MozillaFirefox to version 3.0.3, fixing a number of bugs and security problems : MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 39883
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39883
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-233)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5640.NASL
    description This update brings MozillaFirefox to version 2.0.0.17 to fix bugs and security issues : MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34318
    published 2008-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34318
    title openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5640)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-2.NASL
    description USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 65110
    published 2013-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=65110
    title Ubuntu 6.06 LTS : firefox vulnerabilities (USN-645-2)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-645-1.NASL
    description Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. (CVE-2008-0016) It was discovered that the same-origin check in Firefox could be bypassed. If a user were tricked into opening a malicious website, an attacker may be able to execute JavaScript in the context of a different website. (CVE-2008-3835) Several problems were discovered in the JavaScript engine. This could allow an attacker to execute scripts from page content with chrome privileges. (CVE-2008-3836) Paul Nickerson discovered Firefox did not properly process mouse click events. If a user were tricked into opening a malicious web page, an attacker could move the content window, which could potentially be used to force a user to perform unintended drag and drop operations. (CVE-2008-3837) Several problems were discovered in the browser engine. This could allow an attacker to execute code with chrome privileges. (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060) Drew Yao, David Maciejak and other Mozilla developers found several problems in the browser engine of Firefox. If a user were tricked into opening a malicious web page, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-4061, CVE-2008-4062, CVE-2008-4063, CVE-2008-4064) Dave Reed discovered a flaw in the JavaScript parsing code when processing certain BOM characters. An attacker could exploit this to bypass script filters and perform cross-site scripting attacks. (CVE-2008-4065) Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a user were tricked into opening a malicious web page, an attacker could bypass script filtering and perform cross-site scripting attacks. (CVE-2008-4066) Boris Zbarsky and Georgi Guninski independently discovered flaws in the resource: protocol. An attacker could exploit this to perform directory traversal, read information about the system, and prompt the user to save information in a file. (CVE-2008-4067, CVE-2008-4068) Billy Hoffman discovered a problem in the XBM decoder. If a user were tricked into opening a malicious web page or XBM file, an attacker may be able to cause a denial of service via application crash. (CVE-2008-4069). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36243
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36243
    title Ubuntu 7.04 / 7.10 / 8.04 LTS : firefox, firefox-3.0, xulrunner-1.9 vulnerabilities (USN-645-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-5644.NASL
    description This update brings MozillaFirefox to version 2.0.0.17 to fix bugs and security issues : - XBM image uninitialized memory reading. (MFSA 2008-45 / CVE-2008-4069) - resource: traversal vulnerabilities. (MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068) - BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug. (MFSA 2008-43) - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. (MFSA 2008-42) - Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects. (MFSA 2008-41) - Forced mouse drag. (MFSA 2008-40 / CVE-2008-3837) - Privilege escalation using feed preview page and XSS flaw. (MFSA 2008-39 / CVE-2008-3836) - nsXMLDocument::OnChannelRedirect() same-origin violation. (MFSA 2008-38 / CVE-2008-3835) - UTF-8 URL stack buffer overflow. (MFSA 2008-37 / CVE-2008-0016) For more details: http://www.mozilla.org/security/known-vulnerabilities/firefo x20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34319
    published 2008-10-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34319
    title SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5644)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER181-5656.NASL
    description This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters stripped from JavaScript before execution CVE-2008-4065: Stripped BOM characters bug CVE-2008-4066: HTML escaped low surrogates bug MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17): CVE-2008-4061: Jesse Ruderman reported a crash in the layout engine. CVE-2008-4062: Igor Bukanov, Philip Taylor, Georgi Guninski, and Antoine Labour reported crashes in the JavaScript engine. CVE-2008-4063: Jesse Ruderman, Bob Clary, and Martijn Wargers reported crashes in the layout engine which only affected Firefox 3. CVE-2008-4064: David Maciejak and Drew Yao reported crashes in graphics rendering which only affected Firefox 3. MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution CVE-2008-4058: XPCnativeWrapper pollution bugs CVE-2008-4059: XPCnativeWrapper pollution (Firefox 2) CVE-2008-4060: Documents without script handling objects MFSA 2008-40 / CVE-2008-3837: Forced mouse drag MFSA 2008-39 / CVE-2008-3836: Privilege escalation using feed preview page and XSS flaw MFSA 2008-38 / CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 / CVE-2008-0016: UTF-8 URL stack buffer overflow For more details: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34367
    published 2008-10-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34367
    title openSUSE 10 Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-5656)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_20017.NASL
    description The installed version of Firefox is affected by various security issues : - Using a specially crafted UTF-8 URL in a hyperlink, an attacker might be able to exploit a stack buffer overflow in the Mozilla URL parsing routes to execute arbitrary code (MFSA 2008-37). - It is possible to bypass the same-origin check in 'nsXMLDocument::OnChannelRedirect()' (MFSA 2008-38). - There are a series of vulnerabilities in 'feedWriter' that allow scripts from page content to run with chrome privileges (MFSA 2008-39). - An attacker can cause the content window to move while the mouse is being clicked, causing an item to be dragged rather than clicked-on (MFSA 2008-40). - Privilege escalation is possible via 'XPCnativeWrapper' pollution (MFSA 2008-41). - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption (MFSA 2008-42). - Certain BOM characters and low surrogate characters, if HTML-escaped, are stripped from JavaScript code before it is executed, which could allow for cross- site scripting attacks (MFSA 2008-43). - The 'resource:' protocol allows directory traversal on Linux when using URL-encoded slashes, and it can by used to bypass restrictions on local HTML files (MFSA 2008-44). - A bug in the XBM decoder allows random small chunks of uninitialized memory to be read (MFSA 2008-45).
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 34268
    published 2008-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34268
    title Firefox < 2.0.0.17 Multiple Vulnerabilities
oval via4
accepted 2013-04-29T04:15:34.432-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
family unix
id oval:org.mitre.oval:def:11743
status accepted
submitted 2010-07-09T03:56:16-04:00
title Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
version 24
redhat via4
advisories
rhsa
id RHSA-2008:0879
rpms
  • firefox-0:3.0.2-3.el4
  • yelp-0:2.16.0-21.el5
  • devhelp-0:0.12-19.el5
  • devhelp-devel-0:0.12-19.el5
  • nss-0:3.12.1.1-1.el5
  • nss-devel-0:3.12.1.1-1.el5
  • nss-pkcs11-devel-0:3.12.1.1-1.el5
  • nss-tools-0:3.12.1.1-1.el5
  • xulrunner-0:1.9.0.2-5.el5
  • xulrunner-devel-0:1.9.0.2-5.el5
  • xulrunner-devel-unstable-0:1.9.0.2-5.el5
  • firefox-0:3.0.2-3.el5
refmap via4
bid 31346
confirm
fedora FEDORA-2008-8425
sectrack 1020916
secunia
  • 31987
  • 32011
  • 32012
  • 32025
  • 32044
  • 32082
  • 32089
  • 32095
  • 32096
  • 32196
  • 34501
slackware
  • SSA:2008-269-02
  • SSA:2008-270-01
sunalert 256408
suse SUSE-SA:2008:050
ubuntu
  • USN-645-1
  • USN-645-2
  • USN-647-1
vupen
  • ADV-2008-2661
  • ADV-2009-0977
xf firefox-imagegraphics-code-execution(45357)
Last major update 29-10-2012 - 23:16
Published 24-09-2008 - 16:37
Last modified 28-09-2017 - 21:31
Back to Top