Home > Vulnerability Database > CVE-2008-1233

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2008-1233

Date: March 27, 2008

Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."

Severity Score

5.6

Related Resources (55)

Url: http://secunia.com/advisories/29541

Url: http://secunia.com/advisories/30094

Url: http://secunia.com/advisories/30370

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11078

Url: http://www.securitytracker.com/id?1019694

Url: http://secunia.com/advisories/30016

Url: http://rhn.redhat.com/errata/RHSA-2008-0208.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:155

Url: http://secunia.com/advisories/29539

Url: http://secunia.com/advisories/29616

Url: https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00058.html

Url: https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00074.html

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2008-1233

Url: http://secunia.com/advisories/29550

Url: https://nvd.nist.gov/vuln/detail/CVE-2008-1233

Url: http://secunia.com/advisories/29391

Url: http://www.securityfocus.com/bid/28448

Url: http://www.vupen.com/english/advisories/2008/0998/references

Url: http://www.vupen.com/english/advisories/2008/2091/references

Url: http://secunia.com/advisories/30327

Url: https://access.redhat.com/security/cve/CVE-2008-1233

Url: http://www.ubuntu.com/usn/usn-605-1

Url: http://www.debian.org/security/2008/dsa-1535

Url: http://www.debian.org/security/2008/dsa-1534

Url: http://www.debian.org/security/2008/dsa-1532

Url: http://www.ubuntu.com/usn/usn-592-1

Url: http://www.debian.org/security/2008/dsa-1574

Url: http://secunia.com/advisories/29547

Url: http://secunia.com/advisories/29548

Url: http://secunia.com/advisories/29560

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/41443

Url: http://secunia.com/advisories/31043

Url: http://secunia.com/advisories/30192

Url: http://www.redhat.com/support/errata/RHSA-2008-0209.html

Url: http://www.kb.cert.org/vuls/id/466521

Url: http://www.slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.447313

Url: http://www.vupen.com/english/advisories/2008/0999/references

Url: http://secunia.com/advisories/29558

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1

Url: http://www.redhat.com/support/errata/RHSA-2008-0207.html

Url: http://www.vupen.com/english/advisories/2008/1793/references

Url: http://secunia.com/advisories/30105

Url: http://secunia.com/advisories/30620

Url: http://www.us-cert.gov/cas/techalerts/TA08-087A.html

Url: http://www.securityfocus.com/archive/1/490196/100/0/threaded

Url: http://www.mozilla.org/security/announce/2008/mfsa2008-14.html

Url: http://secunia.com/advisories/29607

Url: http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

Url: http://secunia.com/advisories/29645

Url: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:080

Url: http://secunia.com/advisories/29526

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-239546-1

Url: https://www.mend.io/vulnerability-database/CVE-2008-1233

Severity Score

5.6

Weakness Type (CWE)

Code Injection

CWE-94

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	6.8
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us