gsd - gsd-2008-4068

gsd-2008-4068

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.

Aliases

CVE-2008-4068

Aliases

CVE-2008-4068

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-4068",
    "description": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass \"restrictions imposed on local HTML files,\" and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.",
    "id": "GSD-2008-4068",
    "references": [
      "https://www.suse.com/security/cve/CVE-2008-4068.html",
      "https://www.debian.org/security/2009/dsa-1697",
      "https://www.debian.org/security/2009/dsa-1696",
      "https://www.debian.org/security/2008/dsa-1669",
      "https://www.debian.org/security/2008/dsa-1649",
      "https://access.redhat.com/errata/RHSA-2008:0908",
      "https://access.redhat.com/errata/RHSA-2008:0882",
      "https://access.redhat.com/errata/RHSA-2008:0879",
      "https://linux.oracle.com/cve/CVE-2008-4068.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-4068"
      ],
      "details": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass \"restrictions imposed on local HTML files,\" and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI.",
      "id": "GSD-2008-4068",
      "modified": "2023-12-13T01:22:59.704067Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2008-4068",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass \"restrictions imposed on local HTML files,\" and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/34501",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/34501"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2009/0977",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2009/0977"
          },
          {
            "name": "http://secunia.com/advisories/33433",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/33433"
          },
          {
            "name": "http://secunia.com/advisories/33434",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/33434"
          },
          {
            "name": "http://www.debian.org/security/2009/dsa-1696",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2009/dsa-1696"
          },
          {
            "name": "http://www.debian.org/security/2009/dsa-1697",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2009/dsa-1697"
          },
          {
            "name": "http://download.novell.com/Download?buildid=WZXONb-tqBw~",
            "refsource": "MISC",
            "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html"
          },
          {
            "name": "http://secunia.com/advisories/31984",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31984"
          },
          {
            "name": "http://secunia.com/advisories/31985",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31985"
          },
          {
            "name": "http://secunia.com/advisories/31987",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31987"
          },
          {
            "name": "http://secunia.com/advisories/32007",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32007"
          },
          {
            "name": "http://secunia.com/advisories/32010",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32010"
          },
          {
            "name": "http://secunia.com/advisories/32011",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32011"
          },
          {
            "name": "http://secunia.com/advisories/32012",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32012"
          },
          {
            "name": "http://secunia.com/advisories/32025",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32025"
          },
          {
            "name": "http://secunia.com/advisories/32042",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32042"
          },
          {
            "name": "http://secunia.com/advisories/32044",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32044"
          },
          {
            "name": "http://secunia.com/advisories/32082",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32082"
          },
          {
            "name": "http://secunia.com/advisories/32089",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32089"
          },
          {
            "name": "http://secunia.com/advisories/32092",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32092"
          },
          {
            "name": "http://secunia.com/advisories/32095",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32095"
          },
          {
            "name": "http://secunia.com/advisories/32096",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32096"
          },
          {
            "name": "http://secunia.com/advisories/32144",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32144"
          },
          {
            "name": "http://secunia.com/advisories/32185",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32185"
          },
          {
            "name": "http://secunia.com/advisories/32196",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32196"
          },
          {
            "name": "http://secunia.com/advisories/32845",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32845"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.379422",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.379422"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.405232",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.405232"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.412123",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.412123"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1649",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1649"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1669",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1669"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html",
            "refsource": "MISC",
            "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0879.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0882.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0908.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/31346",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/31346"
          },
          {
            "name": "http://www.securitytracker.com/id?1020921",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1020921"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-645-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-645-1"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-645-2",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-645-2"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-647-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-647-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2008/2661",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2008/2661"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45360",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45360"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11471",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11471"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.0.2",
                "versionStartIncluding": "3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.1.12",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.0.0.17",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.0.0.17",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2008-4068"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass \"restrictions imposed on local HTML files,\" and obtain sensitive information and prompt users to write this information into a file, via directory traversal sequences in a resource: URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html"
            },
            {
              "name": "SSA:2008-269-01",
              "refsource": "SLACKWARE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.405232"
            },
            {
              "name": "MDVSA-2008:205",
              "refsource": "MANDRIVA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205"
            },
            {
              "name": "32042",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32042"
            },
            {
              "name": "USN-647-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-647-1"
            },
            {
              "name": "32092",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32092"
            },
            {
              "name": "RHSA-2008:0908",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html"
            },
            {
              "name": "32025",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32025"
            },
            {
              "name": "SSA:2008-269-02",
              "refsource": "SLACKWARE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.379422"
            },
            {
              "name": "http://download.novell.com/Download?buildid=WZXONb-tqBw~",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~"
            },
            {
              "name": "FEDORA-2008-8429",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html"
            },
            {
              "name": "32089",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32089"
            },
            {
              "name": "32082",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32082"
            },
            {
              "name": "SSA:2008-270-01",
              "refsource": "SLACKWARE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.412123"
            },
            {
              "name": "FEDORA-2008-8401",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html"
            },
            {
              "name": "32144",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32144"
            },
            {
              "name": "32044",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32044"
            },
            {
              "name": "SUSE-SA:2008:050",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html"
            },
            {
              "name": "32095",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32095"
            },
            {
              "name": "32096",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32096"
            },
            {
              "name": "FEDORA-2008-8425",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html"
            },
            {
              "name": "MDVSA-2008:206",
              "refsource": "MANDRIVA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206"
            },
            {
              "name": "32845",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32845"
            },
            {
              "name": "DSA-1669",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1669"
            },
            {
              "name": "RHSA-2008:0879",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html"
            },
            {
              "name": "RHSA-2008:0882",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html"
            },
            {
              "name": "USN-645-2",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-645-2"
            },
            {
              "name": "1020921",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1020921"
            },
            {
              "name": "31987",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/31987"
            },
            {
              "name": "32012",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32012"
            },
            {
              "name": "31984",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/31984"
            },
            {
              "name": "31985",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/31985"
            },
            {
              "name": "31346",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/31346"
            },
            {
              "name": "32010",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32010"
            },
            {
              "name": "32011",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32011"
            },
            {
              "name": "USN-645-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/usn-645-1"
            },
            {
              "name": "32007",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32007"
            },
            {
              "name": "DSA-1697",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1697"
            },
            {
              "name": "33433",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/33433"
            },
            {
              "name": "33434",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/33434"
            },
            {
              "name": "DSA-1696",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2009/dsa-1696"
            },
            {
              "name": "ADV-2009-0977",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/0977"
            },
            {
              "name": "34501",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/34501"
            },
            {
              "name": "256408",
              "refsource": "SUNALERT",
              "tags": [
                "Broken Link"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1"
            },
            {
              "name": "ADV-2008-2661",
              "refsource": "VUPEN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2661"
            },
            {
              "name": "32185",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32185"
            },
            {
              "name": "32196",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/32196"
            },
            {
              "name": "DSA-1649",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2008/dsa-1649"
            },
            {
              "name": "mozilla-resourceprotocol-info-disclosure(45360)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45360"
            },
            {
              "name": "oval:org.mitre.oval:def:11471",
              "refsource": "OVAL",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11471"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-11-01T15:15Z",
      "publishedDate": "2008-09-24T20:37Z"
    }
  }
}

cve-2008-4068

Vulnerability from cvelistv5

Published

2008-09-24 18:00

Modified

2024-08-07 10:00

Severity ?

Summary

References

▼	URL	Tags
	http://secunia.com/advisories/32025	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32011	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232	vendor-advisory, x_refsource_SLACKWARE
	http://www.debian.org/security/2009/dsa-1697	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/32096	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/usn-645-1	vendor-advisory, x_refsource_UBUNTU
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:206	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/32144	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32010	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1020921	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2009/0977	vdb-entry, x_refsource_VUPEN
	http://www.ubuntu.com/usn/usn-645-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/31346	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/31985	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/31984	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32185	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32196	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html	vendor-advisory, x_refsource_FEDORA
	http://www.debian.org/security/2008/dsa-1669	vendor-advisory, x_refsource_DEBIAN
	http://www.mozilla.org/security/announce/2008/mfsa2008-44.html	x_refsource_CONFIRM
	http://secunia.com/advisories/32042	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/33433	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/2661	vdb-entry, x_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/32095	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32089	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/32092	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2008-0879.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:205	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2009/dsa-1696	vendor-advisory, x_refsource_DEBIAN
	http://download.novell.com/Download?buildid=WZXONb-tqBw~	x_refsource_CONFIRM
	https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/31987	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45360	vdb-entry, x_refsource_XF
	http://www.ubuntu.com/usn/usn-647-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/32007	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2008-0882.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/32845	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2008/dsa-1649	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/32012	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/33434	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123	vendor-advisory, x_refsource_SLACKWARE
	http://secunia.com/advisories/32044	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11471	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/support/errata/RHSA-2008-0908.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/34501	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32082	third-party-advisory, x_refsource_SECUNIA

Impacted products

▼	Vendor	Product
	n/a	n/a

Show details on NVD website