1. Home
  2. Vulnerabilities
  3. CVE-2008-4064

CVE-2008-4064

CVSS v2.0 10 (High)
100% Progress
EPSS 39.37 % (97th)
39.37% Progress
Affected Products 1
Advisories 8
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp.

Weaknesses
CWE-399
Resource Management Errors
CWE-NVD-noinfo
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2008-09-24 20:37:04
(16 years ago)
Updated Date
2017-09-29 01:31:58
(7 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 3.0.1 and prior versions cpe:2.3:a:mozilla:firefox <= 3.0.1
  Mozilla Firefox 3.0 cpe:2.3:a:mozilla:firefox:3.0