CVE-2008-4064 in Firefoxinfo

Summary

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.

Once again VulDB remains the best source for vulnerability data.

Reservation

09/12/2008

Disclosure

09/24/2008

Moderation

VulDB entry created

Entries

1: VDB-44184

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

10.0

EPSS

0.02287

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4064
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4064
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4064/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!