CVE-2008-4070 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	10 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 83%

Vendor	Product	Version
mozilla	seamonkey	𝑥 ≤ 1.1.11
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0:beta
mozilla	seamonkey	1.0.1
mozilla	seamonkey	1.0.2
mozilla	seamonkey	1.0.3
mozilla	seamonkey	1.0.4
mozilla	seamonkey	1.0.5
mozilla	seamonkey	1.0.6
mozilla	seamonkey	1.0.7
mozilla	seamonkey	1.0.8
mozilla	seamonkey	1.0.9
mozilla	seamonkey	1.0.99
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1.1
mozilla	seamonkey	1.1.2
mozilla	seamonkey	1.1.10
mozilla	thunderbird	𝑥 ≤ 2.0.0.16
mozilla	thunderbird	0.1
mozilla	thunderbird	0.2
mozilla	thunderbird	0.3
mozilla	thunderbird	0.4
mozilla	thunderbird	0.5
mozilla	thunderbird	0.6
mozilla	thunderbird	0.7
mozilla	thunderbird	0.7.1
mozilla	thunderbird	0.7.2
mozilla	thunderbird	0.7.3
mozilla	thunderbird	0.8
mozilla	thunderbird	0.9
mozilla	thunderbird	1.0
mozilla	thunderbird	1.0.1
mozilla	thunderbird	1.0.2
mozilla	thunderbird	1.0.3
mozilla	thunderbird	1.0.4
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.5:beta
mozilla	thunderbird	1.0.6
mozilla	thunderbird	1.0.7
mozilla	thunderbird	1.0.8
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5:beta2
mozilla	thunderbird	1.5.0.1
mozilla	thunderbird	1.5.0.2
mozilla	thunderbird	1.5.0.3
mozilla	thunderbird	1.5.0.4
mozilla	thunderbird	1.5.0.6
mozilla	thunderbird	1.5.0.7
mozilla	thunderbird	1.5.0.8
mozilla	thunderbird	1.5.0.9
mozilla	thunderbird	1.5.0.10
mozilla	thunderbird	1.5.0.11
mozilla	thunderbird	1.5.1
mozilla	thunderbird	1.5.2
mozilla	thunderbird	1.7.1
mozilla	thunderbird	1.7.3
mozilla	thunderbird	2.0.0.0
mozilla	thunderbird	2.0.0.1
mozilla	thunderbird	2.0.0.2
mozilla	thunderbird	2.0.0.3
mozilla	thunderbird	2.0.0.4
mozilla	thunderbird	2.0.0.5
mozilla	thunderbird	2.0.0.6
mozilla	thunderbird	2.0.0.7
mozilla	thunderbird	2.0.0.9
mozilla	thunderbird	2.0.0.11
mozilla	thunderbird	2.0.0.12
mozilla	thunderbird	2.0.0.13
mozilla	thunderbird	2.0.0.14
mozilla	thunderbird	2.0.0.15

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

mozilla-thunderbird

hardy	dne
gutsy	dne
feisty	Fixed 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.7.04.1 released
dapper	Fixed 1.5.0.13+1.5.0.15~prepatch080614g-0ubuntu0.6.06.1 released

thunderbird

hardy	Fixed 2.0.0.17+nobinonly-0ubuntu0.8.04.1 released
gutsy	Fixed 2.0.0.17+nobinonly-0ubuntu0.7.10.1 released
feisty	dne
dapper	dne

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html

http://secunia.com/advisories/32010

http://secunia.com/advisories/32025

http://secunia.com/advisories/32044

http://secunia.com/advisories/32082

http://secunia.com/advisories/32092

http://secunia.com/advisories/32196

http://secunia.com/advisories/33433

http://secunia.com/advisories/33434

http://secunia.com/advisories/34501

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

http://www.debian.org/security/2009/dsa-1696

http://www.debian.org/security/2009/dsa-1697

http://www.mandriva.com/security/advisories?name=MDVSA-2008:206

http://www.mozilla.org/security/announce/2008/mfsa2008-46.html

http://www.redhat.com/support/errata/RHSA-2008-0908.html

http://www.securityfocus.com/bid/31411

http://www.securitytracker.com/id?1020948

http://www.ubuntu.com/usn/usn-647-1

http://www.vupen.com/english/advisories/2009/0977

https://bugzilla.mozilla.org/show_bug.cgi?id=425152

https://exchange.xforce.ibmcloud.com/vulnerabilities/45426

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10933

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html

http://secunia.com/advisories/32010

http://secunia.com/advisories/32025

http://secunia.com/advisories/32044

http://secunia.com/advisories/32082

http://secunia.com/advisories/32092

http://secunia.com/advisories/32196

http://secunia.com/advisories/33433

http://secunia.com/advisories/33434

http://secunia.com/advisories/34501

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123

http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1

http://www.debian.org/security/2009/dsa-1696

http://www.debian.org/security/2009/dsa-1697

http://www.mandriva.com/security/advisories?name=MDVSA-2008:206

http://www.mozilla.org/security/announce/2008/mfsa2008-46.html

http://www.redhat.com/support/errata/RHSA-2008-0908.html

http://www.securityfocus.com/bid/31411

http://www.securitytracker.com/id?1020948

http://www.ubuntu.com/usn/usn-647-1

http://www.vupen.com/english/advisories/2009/0977

https://bugzilla.mozilla.org/show_bug.cgi?id=425152

https://exchange.xforce.ibmcloud.com/vulnerabilities/45426

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10933