CVE-2008-4059

Impact:
Critical
Public Date:
2008-09-23
Bugzilla:
463192: CVE-2008-4059 Mozilla privilege escalation via XPCnativeWrapper pollution

The MITRE CVE dictionary describes this issue as:

The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.

Find out more about CVE-2008-4059 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux Optional Productivity Applications version 5 (thunderbird) RHSA-2008:0908 2008-10-01
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2008:0908 2008-10-01
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2008:0882 2008-09-24
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2008:0882 2008-09-24
Red Hat Enterprise Linux Desktop version 5 (thunderbird) RHSA-2008:0908 2008-10-01
Red Hat Enterprise Linux version 4 RHSA-2008:0882 2008-09-24

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 devhelp 0.10-0.10.el4 Fixed
Red Hat Enterprise Linux version 4 seamonkey 1.0.9-26.el4 Fixed