CVE-2008-4063

Canonical Ubuntu Linux < 3.0.1 - Denial of Service

Title source: rule
STIX 2.1

Description

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.

References (30)

Core 30
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=444452
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32025
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32011
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020916
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=413048
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32096
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-645-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45354
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0977
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-645-2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31346
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11151
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32196
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2661
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32095
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32089
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0879.html
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=433758
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31987
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-647-1
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32012
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32044
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34501
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32082

Scores

EPSS 0.0396
EPSS Percentile 89.3%

Details

Status published
Products (6)
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 7.04
canonical/ubuntu_linux 7.10
canonical/ubuntu_linux 8.04
mozilla/firefox 3.0
mozilla/firefox < 3.0.1
Published Sep 24, 2008
Tracked Since Feb 18, 2026