CVE-2008-4062

Priority
Description
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and
3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12
allow remote attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via vectors related
to the JavaScript engine and (1) misinterpretation of the characteristics
of Namespace and QName in jsxml.c, (2) misuse of signed integers in the
nsEscapeCount function in nsEscape.cpp, and (3) interaction of JavaScript
garbage collection with certain use of an NPObject in the
nsNPObjWrapper::GetNewOrUsed function in nsJSNPRuntime.cpp.
Package
Upstream:released (2.0.0.17)
Package
Upstream:released (3.0.3)
Package
Upstream:needs-triage
Package
Priority: Low
Upstream:needs-triage
Package
Upstream:released (1.1.12)
Package
Priority: Low
Upstream:released (2.0.0.17)
Package
Upstream:needs-triage
Package
Upstream:released (1.9.0.3)
More Information

Updated: 2019-03-19 11:47:07 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)