CVE-2008-4061

{"id": "CVE-2008-4061", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-09-24T20:37:04.610", "references": [{"url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31984", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31985", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/31987", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32007", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32010", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32011", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32012", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32025", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32042", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32044", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32082", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32089", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32092", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32095", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32096", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32144", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32185", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32196", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32845", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33433", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/33434", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/34501", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1649", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2008/dsa-1669", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1696", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.debian.org/security/2009/dsa-1697", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.mozilla.org/security/announce/2008/mfsa2008-42.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/31346", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1020916", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-645-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-645-2", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.ubuntu.com/usn/usn-647-1", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2661", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0977", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=443089", "tags": ["Patch", "Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45351", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10794", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-189"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine."}, {"lang": "es", "value": "Desbordamiento de entero en el componente MathML de Mozilla Firefox antes de 2.0.0.17 y 3.x antes de 3.0.2, Thunderbird antes de 2.0.0.17, y SeaMonkey antes de 1.1.12 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un elemento mtd con un valor entero grande en el atributo rowspan, relacionados con el motor de dise\u00f1o."}], "lastModified": "2018-11-01T16:23:32.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5E06AA5-4A7C-4C61-A5B8-A73E82C470E2", "versionEndExcluding": "2.0.0.17"}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2063D1EA-2DF3-4321-AB5F-2CA620B63003", "versionEndExcluding": "3.0.2", "versionStartIncluding": "3.0"}, {"criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0C57F9A-9DD4-4F1A-A1A7-FA5325905C20", "versionEndExcluding": "1.1.12"}, {"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2480570-397B-442B-967C-96D49D0619D2", "versionEndExcluding": "2.0.0.17"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EBDAFF8-DE44-4E80-B6BD-E341F767F501"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701"}], "operator": "OR"}]}], "evaluatorComment": "NOTE: Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail. This is not the default setting and we strongly discourage users from running JavaScript in mail. Without further investigation we cannot rule out the possibility that for some of these an attacker might be able to prepare memory for exploitation through some means other than JavaScript such as large images.", "sourceIdentifier": "secalert@redhat.com"}