Unrated severityNVD Advisory· Published Sep 24, 2008· Updated Jun 16, 2026
CVE-2008-4058
CVE-2008-4058
Description
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <2.0.0.17
- (no CPE)range: <2.0.0.17
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*range: <1.1.12
- (no CPE)range: <1.1.12
cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*range: <2.0.0.17
- (no CPE)range: <2.0.0.17
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
Patches
Vulnerability mechanics
References
52- download.novell.com/DownloadnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlnvdThird Party Advisory
- secunia.com/advisories/31984nvdThird Party Advisory
- secunia.com/advisories/31985nvdThird Party Advisory
- secunia.com/advisories/31987nvdThird Party Advisory
- secunia.com/advisories/32007nvdThird Party Advisory
- secunia.com/advisories/32010nvdThird Party Advisory
- secunia.com/advisories/32011nvdThird Party Advisory
- secunia.com/advisories/32012nvdThird Party Advisory
- secunia.com/advisories/32025nvdThird Party Advisory
- secunia.com/advisories/32042nvdThird Party Advisory
- secunia.com/advisories/32044nvdThird Party Advisory
- secunia.com/advisories/32082nvdThird Party Advisory
- secunia.com/advisories/32089nvdThird Party Advisory
- secunia.com/advisories/32092nvdThird Party Advisory
- secunia.com/advisories/32095nvdThird Party Advisory
- secunia.com/advisories/32096nvdThird Party Advisory
- secunia.com/advisories/32144nvdThird Party Advisory
- secunia.com/advisories/32185nvdThird Party Advisory
- secunia.com/advisories/32196nvdThird Party Advisory
- secunia.com/advisories/32845nvdThird Party Advisory
- secunia.com/advisories/33433nvdThird Party Advisory
- secunia.com/advisories/33434nvdThird Party Advisory
- secunia.com/advisories/34501nvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdThird Party Advisory
- www.debian.org/security/2008/dsa-1649nvdThird Party Advisory
- www.debian.org/security/2008/dsa-1669nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1696nvdThird Party Advisory
- www.debian.org/security/2009/dsa-1697nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.mozilla.org/security/announce/2008/mfsa2008-41.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2008-0879.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0882.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2008-0908.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/31346nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/usn-645-1nvdThird Party Advisory
- www.ubuntu.com/usn/usn-645-2nvdThird Party Advisory
- www.ubuntu.com/usn/usn-647-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2008/2661nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/0977nvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue TrackingVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/45349nvdThird Party AdvisoryVDB Entry
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679nvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.htmlnvdThird Party Advisory
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.htmlnvdThird Party Advisory
- sunsolve.sun.com/search/document.donvdBroken Link
News mentions
0No linked articles in our index yet.