CVE - CVE-2008-4063

CVE-ID
CVE-2008-4063	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:http://www.mozilla.org/security/announce/2008/mfsa2008-42.html CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=413048 CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=433758 CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=444452 FEDORA:FEDORA-2008-8425 URL:https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html REDHAT:RHSA-2008:0879 URL:http://www.redhat.com/support/errata/RHSA-2008-0879.html SLACKWARE:SSA:2008-269-02 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422 SLACKWARE:SSA:2008-270-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123 SUNALERT:256408 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 SUSE:SUSE-SA:2008:050 URL:http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html UBUNTU:USN-647-1 URL:http://www.ubuntu.com/usn/usn-647-1 UBUNTU:USN-645-1 URL:http://www.ubuntu.com/usn/usn-645-1 UBUNTU:USN-645-2 URL:http://www.ubuntu.com/usn/usn-645-2 BID:31346 URL:http://www.securityfocus.com/bid/31346 OVAL:oval:org.mitre.oval:def:11151 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11151 SECUNIA:34501 URL:http://secunia.com/advisories/34501 SECUNIA:32196 URL:http://secunia.com/advisories/32196 VUPEN:ADV-2008-2661 URL:http://www.vupen.com/english/advisories/2008/2661 SECTRACK:1020916 URL:http://www.securitytracker.com/id?1020916 SECUNIA:32025 URL:http://secunia.com/advisories/32025 SECUNIA:32044 URL:http://secunia.com/advisories/32044 SECUNIA:32082 URL:http://secunia.com/advisories/32082 SECUNIA:32089 URL:http://secunia.com/advisories/32089 SECUNIA:32095 URL:http://secunia.com/advisories/32095 SECUNIA:32096 URL:http://secunia.com/advisories/32096 SECUNIA:31987 URL:http://secunia.com/advisories/31987 SECUNIA:32011 URL:http://secunia.com/advisories/32011 SECUNIA:32012 URL:http://secunia.com/advisories/32012 VUPEN:ADV-2009-0977 URL:http://www.vupen.com/english/advisories/2009/0977 XF:mozilla-firefox-layout-code-execution(45354) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/45354
Assigning CNA
N/A
Date Entry Created
20080912	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080912)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org