Vulnerability Name:

CVE-2008-4058 (CCN-45349)

Assigned:2008-09-23
Published:2008-09-23
Updated:2018-11-01
Summary:The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-264
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-4058

Source: CONFIRM
Type: Third Party Advisory
http://download.novell.com/Download?buildid=WZXONb-tqBw~

Source: SUSE
Type: Third Party Advisory
SUSE-SA:2008:050

Source: CCN
Type: RHSA-2008-0879
Critical: firefox security update

Source: CCN
Type: RHSA-2008-0882
Critical: seamonkey security update

Source: CCN
Type: RHSA-2008-0908
Moderate: thunderbird security update

Source: CCN
Type: SA31984
Mozilla Firefox 2 Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
31984

Source: SECUNIA
Type: Third Party Advisory
31985

Source: SECUNIA
Type: Third Party Advisory
31987

Source: CCN
Type: SA32007
Mozilla Thunderbird Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32007

Source: CCN
Type: SA32010
Mozilla SeaMonkey Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32010

Source: CCN
Type: SA32011
Mozilla Firefox 3 Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
32011

Source: SECUNIA
Type: Third Party Advisory
32012

Source: SECUNIA
Type: Third Party Advisory
32025

Source: SECUNIA
Type: Third Party Advisory
32042

Source: SECUNIA
Type: Third Party Advisory
32044

Source: SECUNIA
Type: Third Party Advisory
32082

Source: SECUNIA
Type: Third Party Advisory
32089

Source: SECUNIA
Type: Third Party Advisory
32092

Source: SECUNIA
Type: Third Party Advisory
32095

Source: SECUNIA
Type: Third Party Advisory
32096

Source: SECUNIA
Type: Third Party Advisory
32144

Source: SECUNIA
Type: Third Party Advisory
32185

Source: SECUNIA
Type: Third Party Advisory
32196

Source: SECUNIA
Type: Third Party Advisory
32845

Source: SECUNIA
Type: Third Party Advisory
33433

Source: SECUNIA
Type: Third Party Advisory
33434

Source: CCN
Type: SA34501
Sun Solaris Firefox Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
34501

Source: CCN
Type: SECTRACK ID: 1020915
Mozilla Firefox XPCnativeWrapper Bugs Let Remote Users Execute Arbitrary Code

Source: SLACKWARE
Type: Third Party Advisory
SSA:2008-269-02

Source: SLACKWARE
Type: Third Party Advisory
SSA:2008-269-01

Source: SLACKWARE
Type: Third Party Advisory
SSA:2008-270-01

Source: SUNALERT
Type: Broken Link
256408

Source: CCN
Type: Sun Alert ID: 256408
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data

Source: CCN
Type: ASA-2008-389
thunderbird security update (RHSA-2008-0908)

Source: CCN
Type: ASA-2008-421
seamonkey security update (RHSA-2008-0882)

Source: CCN
Type: ASA-2008-422
firefox security update (RHSA-2008-0879)

Source: CCN
Type: ASA-2009-158
Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to unauthorized Data (Sun 256408)

Source: CCN
Type: NORTEL BULLETIN ID: 2009009505, Rev 1
Nortel Response to Sun Alert 256408 - Solaris 10 - Vulnerabilities in Firefox May Allow Execution of Arbitrary Code

Source: DEBIAN
Type: Third Party Advisory
DSA-1649

Source: DEBIAN
Type: Third Party Advisory
DSA-1669

Source: DEBIAN
Type: Third Party Advisory
DSA-1696

Source: DEBIAN
Type: Third Party Advisory
DSA-1697

Source: DEBIAN
Type: DSA-1649
iceweasel -- several vulnerabilities

Source: DEBIAN
Type: DSA-1669
xulrunner -- several vulnerabilities

Source: DEBIAN
Type: DSA-1696
icedove -- several vulnerabilities

Source: DEBIAN
Type: DSA-1697
iceape -- several vulnerabilities

Source: MANDRIVA
Type: Third Party Advisory
MDVSA-2008:205

Source: MANDRIVA
Type: Third Party Advisory
MDVSA-2008:206

Source: CCN
Type: MFSA 2008-41
Privilege escalation via XPCnativeWrapper pollution

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0879

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0882

Source: REDHAT
Type: Third Party Advisory
RHSA-2008:0908

Source: BID
Type: Third Party Advisory, VDB Entry
31346

Source: CCN
Type: BID-31346
Mozilla Firefox/SeaMonkey/Thunderbird Multiple Remote Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1020915

Source: CCN
Type: USN-645-1
Firefox and xulrunner vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-645-1

Source: CCN
Type: USN-645-2
Firefox vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-645-2

Source: CCN
Type: USN-645-3
Firefox and xulrunner regression

Source: CCN
Type: USN-647-1
Thunderbird vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-647-1

Source: VUPEN
Type: Third Party Advisory
ADV-2008-2661

Source: VUPEN
Type: Third Party Advisory
ADV-2009-0977

Source: CCN
Type: Bugzilla@Mozilla - Bug 444073
Script evaluated by Components.utils.evalInSandbox() can pollute implicit XPCNativeWrapper

Source: CCN
Type: Bugzilla@Mozilla - Bug 444075
XPCNativeWrapper pollution using chrome XBL

Source: CONFIRM
Type: Issue Tracking, Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=444075

Source: CCN
Type: Bugzilla@Mozilla - Bug 444077
XPCNativeWrapper pollution using chrome JS

Source: CONFIRM
Type: Issue Tracking, Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=444077

Source: XF
Type: Third Party Advisory, VDB Entry
firefox3-xpcnativewrappers-code-execution(45349)

Source: XF
Type: UNKNOWN
firefox3-xpcnativewrappers-code-execution(45349)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:9679

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-8425

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-8401

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-8429

Source: SUSE
Type: SUSE-SA:2008:050
Mozilla security problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version < 2.0.0.17)
  • OR cpe:/a:mozilla:firefox:*:*:*:*:*:*:*:* (Version >= 3.0 and < 3.0.2)
  • OR cpe:/a:mozilla:seamonkey:*:*:*:*:*:*:*:* (Version < 1.1.12)
  • OR cpe:/a:mozilla:thunderbird:*:*:*:*:*:*:*:* (Version < 2.0.0.17)

    • Configuration 2:
  • cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/a:redhat:rhel_productivity:5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.2:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • OR cpe:/o:novell:suse_linux_enterprise_server:10:sp2:itanium_ia64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20084058
    V
    		CVE-2008-4058
    2022-06-30
    oval:org.opensuse.security:def:111905
    P
    		MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105478
    P
    		MozillaThunderbird-91.1.1-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:28693
    P
    		RHSA-2008:0908 -- thunderbird security update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:29008
    P
    		RHSA-2008:0879 -- firefox security update (Critical)
    2015-08-17
    oval:org.mitre.oval:def:17610
    P
    		USN-647-1 -- mozilla-thunderbird, thunderbird vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17626
    P
    		USN-645-1 -- firefox, firefox-3.0, xulrunner-1.9 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:17661
    P
    		USN-645-3 -- firefox-3.0, xulrunner-1.9 regression
    2014-06-30
    oval:org.mitre.oval:def:17769
    P
    		USN-645-2 -- firefox vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:7657
    P
    		DSA-1649 iceweasel -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:19874
    P
    		DSA-1669-1 xulrunner - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7740
    P
    		DSA-1669 xulrunner -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:19884
    P
    		DSA-1649-1 iceweasel - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:12973
    P
    		DSA-1696-1 icedove -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:7950
    P
    		DSA-1697 iceape -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:13245
    P
    		DSA-1697-1 iceape -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:8021
    P
    		DSA-1696 icedove -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22664
    P
    		ELSA-2008:0908: thunderbird security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:22483
    P
    		ELSA-2008:0879: firefox security update (Critical)
    2014-05-26
    oval:org.mitre.oval:def:9679
    V
    		The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
    2013-04-29
    oval:org.debian:def:1696
    V
    		several vulnerabilities
    2009-01-07
    oval:org.debian:def:1697
    V
    		several vulnerabilities
    2009-01-07
    oval:org.debian:def:1669
    V
    		several vulnerabilities
    2008-11-23
    oval:org.debian:def:1649
    V
    		several vulnerabilities
    2008-10-08
    oval:com.redhat.rhsa:def:20080908
    P
    		RHSA-2008:0908: thunderbird security update (Moderate)
    2008-10-01
    oval:com.redhat.rhsa:def:20080879
    P
    		RHSA-2008:0879: firefox security update (Critical)
    2008-09-24
    oval:com.redhat.rhsa:def:20080882
    P
    		RHSA-2008:0882: seamonkey security update (Critical)
    2008-09-24
    BACK
    mozilla firefox *
    mozilla firefox *
    mozilla seamonkey *
    mozilla thunderbird *
    debian debian linux 4.0
    canonical ubuntu linux 6.06
    canonical ubuntu linux 7.04
    canonical ubuntu linux 7.10
    canonical ubuntu linux 8.04
    mozilla firefox 3.0
    mozilla firefox 3.0.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    novell open enterprise server *
    novell opensuse 10.2
    novell opensuse 10.3
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    novell opensuse 11.0
    novell suse linux enterprise server 10 sp2