CVE-2008-4059

🗓️ 24 Sep 2008 18:00:00Reported by redhatType

XPConnect component in Mozilla Firefox allows remote attackers to execute arbitrary code with chrome privileges via vectors related to a SCRIPT element

Reporter	Title	Published	Views	Family All 151
FreeBSD	mozilla -- multiple vulnerabilities	24 Sep 200800:00	–	freebsd
Tenable Nessus	Mozilla Firefox < 3.0.2 Multiple Vulnerabilities	24 Sep 200800:00	–	nessus
Tenable Nessus	Mozilla Firefox < 2.0.0.17 Multiple Vulnerabilities	24 Sep 200800:00	–	nessus
Tenable Nessus	SeaMonkey < 1.1.12 Multiple Vulnerabilities	24 Sep 200800:00	–	nessus
Tenable Nessus	Mozilla Thunderbird < 2.0.0.17 Multiple Vulnerabilities	26 Sep 200800:00	–	nessus
Tenable Nessus	CentOS 3 / 4 : seamonkey (CESA-2008:0882)	25 Sep 200800:00	–	nessus
Tenable Nessus	CentOS 4 / 5 : thunderbird (CESA-2008:0908)	6 Oct 200800:00	–	nessus
Tenable Nessus	Debian DSA-1649-1 : iceweasel - several vulnerabilities	9 Oct 200800:00	–	nessus
Tenable Nessus	Debian DSA-1669-1 : xulrunner - several vulnerabilities	24 Nov 200800:00	–	nessus
Tenable Nessus	Debian DSA-1696-1 : icedove - several vulnerabilities	8 Jan 200900:00	–	nessus

NVD

Node

mozilla firefox

mozilla firefoxRange≤2.0.0.17

mozilla firefoxMatch0.8

mozilla firefoxMatch0.9

mozilla firefoxMatch0.9rc

mozilla firefoxMatch0.9.1

mozilla firefoxMatch0.9.2

mozilla firefoxMatch0.9.3

mozilla firefoxMatch0.9_rc

mozilla firefoxMatch0.10

mozilla firefoxMatch0.10.1

mozilla firefoxMatch1.0

mozilla firefoxMatch1.0.1

mozilla firefoxMatch1.0.2

mozilla firefoxMatch1.0.3

mozilla firefoxMatch1.0.4

mozilla firefoxMatch1.0.5

mozilla firefoxMatch1.0.6

mozilla firefoxMatch1.0.6linux

mozilla firefoxMatch1.0.7

mozilla firefoxMatch1.0.8

mozilla firefoxMatch1.5

mozilla firefoxMatch1.5beta1

mozilla firefoxMatch1.5beta2

mozilla firefoxMatch1.5.0.1

mozilla firefoxMatch1.5.0.2

mozilla firefoxMatch1.5.0.3

mozilla firefoxMatch1.5.0.4

mozilla firefoxMatch1.5.0.5

mozilla firefoxMatch1.5.0.6

mozilla firefoxMatch1.5.0.7

mozilla firefoxMatch1.5.0.8

mozilla firefoxMatch1.5.0.9

mozilla firefoxMatch1.5.0.10

mozilla firefoxMatch1.5.0.11

mozilla firefoxMatch1.5.0.12

mozilla firefoxMatch1.5.1

mozilla firefoxMatch1.5.2

mozilla firefoxMatch1.5.3

mozilla firefoxMatch1.5.4

mozilla firefoxMatch1.5.5

mozilla firefoxMatch1.5.6

mozilla firefoxMatch1.5.7

mozilla firefoxMatch1.5.8

mozilla firefoxMatch1.8

mozilla firefoxMatch2.0

mozilla firefoxMatch2.0beta1

mozilla firefoxMatch2.0rc2

mozilla firefoxMatch2.0rc3

mozilla firefoxMatch2.0.0.1

mozilla firefoxMatch2.0.0.2

mozilla firefoxMatch2.0.0.3

mozilla firefoxMatch2.0.0.4

mozilla firefoxMatch2.0.0.5

mozilla firefoxMatch2.0.0.6

mozilla firefoxMatch2.0.0.7

mozilla firefoxMatch2.0.0.8

mozilla firefoxMatch2.0.0.9

mozilla firefoxMatch2.0.0.10

mozilla firefoxMatch2.0.0.11

mozilla firefoxMatch2.0.0.12

mozilla firefoxMatch2.0.0.13

mozilla firefoxMatch2.0.0.14

mozilla firefoxMatch2.0.0.15

mozilla firefoxMatch2.0.0.16

Source	Link
secunia	www.secunia.com/advisories/32012
vupen	www.vupen.com/english/advisories/2009/0977
slackware	www.slackware.com/security/viewer.php
download	www.download.novell.com/Download
secunia	www.secunia.com/advisories/32196
slackware	www.slackware.com/security/viewer.php
debian	www.debian.org/security/2009/dsa-1696
secunia	www.secunia.com/advisories/31985
redhat	www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
secunia	www.secunia.com/advisories/32007

23 Apr 2026 00:35Current

9.6High risk

Vulners AI Score9.6

CVSS 27.5

EPSS0.07556

CWE-264