Lucene search

PRIOn knowledge basePRION:CVE-2008-4059

HistorySep 24, 2008 - 8:37 p.m.

Code injection

2008-09-2420:37:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.211 Low

EPSS

Percentile

96.5%

JSON

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to “pollute XPCNativeWrappers” and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.

CPENameOperatorVersion
firefoxeq0.9.0-rc
firefoxeq0.8
firefoxeq2.0.0.12
firefoxeq1.5 beta2
firefoxeq1.5.2
firefoxeq1.5.0.6
firefoxeq1.8
firefoxeq2.0.0.2
firefoxeq1.5.0.10
firefoxeq1.5.0.3

Name	Operator	Version
firefox	eq	0.9.0-rc
firefox	eq	0.8
firefox	eq	2.0.0.12
firefox	eq	1.5 beta2
firefox	eq	1.5.2
firefox	eq	1.5.0.6
firefox	eq	1.8
firefox	eq	2.0.0.2
firefox	eq	1.5.0.10
firefox	eq	1.5.0.3

Rows per page:

1-10 of 641

References

download.novell.com/Download?buildid=WZXONb-tqBw~

lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html

secunia.com/advisories/31984

secunia.com/advisories/31985

secunia.com/advisories/32007

secunia.com/advisories/32010

secunia.com/advisories/32012

secunia.com/advisories/32025

secunia.com/advisories/32042

secunia.com/advisories/32044

secunia.com/advisories/32082

secunia.com/advisories/32092

secunia.com/advisories/32144

secunia.com/advisories/32185

secunia.com/advisories/32196

secunia.com/advisories/32845

secunia.com/advisories/33433

secunia.com/advisories/33434

secunia.com/advisories/34501

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232

slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123

sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

www.debian.org/security/2008/dsa-1649

www.debian.org/security/2008/dsa-1669

www.debian.org/security/2009/dsa-1696

www.debian.org/security/2009/dsa-1697

www.mandriva.com/security/advisories?name=MDVSA-2008:205

www.mandriva.com/security/advisories?name=MDVSA-2008:206

www.mozilla.org/security/announce/2008/mfsa2008-41.html

www.redhat.com/support/errata/RHSA-2008-0882.html

www.redhat.com/support/errata/RHSA-2008-0908.html

www.securityfocus.com/bid/31346

www.securitytracker.com/id?1020915

www.ubuntu.com/usn/usn-645-1

www.ubuntu.com/usn/usn-645-2

www.ubuntu.com/usn/usn-647-1

www.vupen.com/english/advisories/2008/2661

www.vupen.com/english/advisories/2009/0977

bugzilla.mozilla.org/show_bug.cgi?id=419848

exchange.xforce.ibmcloud.com/vulnerabilities/45352

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9529

www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html

www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html