Unrated severityNVD Advisory· Published Sep 24, 2008· Updated Jun 16, 2026
CVE-2008-4064
CVE-2008-4064
Description
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*range: <=3.0.1
- cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
- (no CPE)range: <3.0.2
Patches
Vulnerability mechanics
References
30- lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.htmlnvd
- secunia.com/advisories/31987nvd
- secunia.com/advisories/32011nvd
- secunia.com/advisories/32012nvd
- secunia.com/advisories/32025nvd
- secunia.com/advisories/32044nvd
- secunia.com/advisories/32082nvd
- secunia.com/advisories/32089nvd
- secunia.com/advisories/32095nvd
- secunia.com/advisories/32096nvd
- secunia.com/advisories/32196nvd
- secunia.com/advisories/34501nvd
- slackware.com/security/viewer.phpnvd
- slackware.com/security/viewer.phpnvd
- sunsolve.sun.com/search/document.donvd
- www.mozilla.org/security/announce/2008/mfsa2008-42.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0879.htmlnvd
- www.securityfocus.com/bid/31346nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/usn-645-1nvd
- www.ubuntu.com/usn/usn-645-2nvd
- www.ubuntu.com/usn/usn-647-1nvd
- www.vupen.com/english/advisories/2008/2661nvd
- www.vupen.com/english/advisories/2009/0977nvd
- bugzilla.mozilla.org/show_bug.cginvd
- bugzilla.mozilla.org/show_bug.cginvd
- bugzilla.mozilla.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/45357nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11743nvd
- www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.htmlnvd
News mentions
0No linked articles in our index yet.