CVE-2008-4058 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-4058 Interim 1 9 2024-09-24T02:28:22Z current 2021-05-30T12:43:50Z 2024-09-24T02:28:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-4058 The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV/#2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV E-Mail link for SUSE-SA:2008:050 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE/#LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE E-Mail link for openSUSE-SU-2014:1100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed MozillaThunderbird-91.1.1-1.1 MozillaThunderbird-translations-common-91.1.1-1.1 MozillaThunderbird-translations-other-91.1.1-1.1 MozillaThunderbird-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-common-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-other-91.1.1-1.1 as a component of openSUSE Tumbleweed The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS. CVE-2008-4058 openSUSE Tumbleweed:MozillaThunderbird-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-common-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-other-91.1.1-1.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P