Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/86678?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "type": "mozilla", "namespace": "", "name": "Firefox", "version": "3.0.2", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.0.4", "latest_non_vulnerable_version": "150.0.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52027?format=api", "vulnerability_id": "VCID-2q2b-6j3y-e7gb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3837.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3837.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87937", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87933", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87939", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87869", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87901", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87905", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87903", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87917", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03669", "scoring_system": "epss", "scoring_elements": "0.87916", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3837" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=329385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=329385" }, { "reference_url": "http://secunia.com/advisories/31984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31984" }, { "reference_url": "http://secunia.com/advisories/31985", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31985" }, { "reference_url": "http://secunia.com/advisories/31987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31987" }, { "reference_url": "http://secunia.com/advisories/32010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32010" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32012" }, { "reference_url": "http://secunia.com/advisories/32042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32042" }, { "reference_url": "http://secunia.com/advisories/32044", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32044" }, { "reference_url": "http://secunia.com/advisories/32089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32089" }, { "reference_url": "http://secunia.com/advisories/32095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32095" }, { "reference_url": "http://secunia.com/advisories/32096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32096" }, { "reference_url": "http://secunia.com/advisories/32144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32144" }, { "reference_url": "http://secunia.com/advisories/32185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32185" }, { "reference_url": "http://secunia.com/advisories/32196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32196" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45348" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9950" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1649" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-40.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-40.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html" }, { "reference_url": "http://www.securityfocus.com/bid/31346", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31346" }, { "reference_url": "http://www.securitytracker.com/id?1020922", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020922" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-2" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2661", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2661" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=463189", "reference_id": "463189", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463189" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837", "reference_id": "CVE-2008-3837", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3837" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3837", "reference_id": "CVE-2008-3837", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3837" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-40", "reference_id": "mfsa2008-40", "reference_type": "", "scores": [ { "value": "low", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-40" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0879", "reference_id": "RHSA-2008:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0882", "reference_id": "RHSA-2008:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0882" }, { "reference_url": "https://usn.ubuntu.com/645-1/", "reference_id": "USN-645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-1/" }, { "reference_url": "https://usn.ubuntu.com/645-2/", "reference_id": "USN-645-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-3837" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2q2b-6j3y-e7gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52036?format=api", "vulnerability_id": "VCID-6vwv-vgjn-w7h2", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4061.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88313", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.8822", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88305", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.8831", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88248", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88273", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88276", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.8829", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03898", "scoring_system": "epss", "scoring_elements": "0.88288", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4061" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=443089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=443089" }, { "reference_url": "http://secunia.com/advisories/31984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31984" }, { "reference_url": "http://secunia.com/advisories/31985", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31985" }, { "reference_url": "http://secunia.com/advisories/31987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31987" }, { "reference_url": "http://secunia.com/advisories/32007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32007" }, { "reference_url": "http://secunia.com/advisories/32010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32010" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32012" }, { "reference_url": "http://secunia.com/advisories/32025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32025" }, { "reference_url": "http://secunia.com/advisories/32042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32042" }, { "reference_url": "http://secunia.com/advisories/32044", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32044" }, { "reference_url": "http://secunia.com/advisories/32082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32082" }, { "reference_url": "http://secunia.com/advisories/32089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32089" }, { "reference_url": "http://secunia.com/advisories/32092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32092" }, { "reference_url": "http://secunia.com/advisories/32095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32095" }, { "reference_url": "http://secunia.com/advisories/32096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32096" }, { "reference_url": "http://secunia.com/advisories/32144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32144" }, { "reference_url": "http://secunia.com/advisories/32185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32185" }, { "reference_url": "http://secunia.com/advisories/32196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32196" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/33434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33434" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45351" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10794" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1649" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1696" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-42.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-42.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html" }, { "reference_url": "http://www.securityfocus.com/bid/31346", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31346" }, { "reference_url": "http://www.securitytracker.com/id?1020916", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020916" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-2" }, { "reference_url": "http://www.ubuntu.com/usn/usn-647-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-647-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2661", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2661" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=463199", "reference_id": "463199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463199" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061", "reference_id": "CVE-2008-4061", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4061" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4061", "reference_id": "CVE-2008-4061", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4061" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-42", "reference_id": "mfsa2008-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-42" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0879", "reference_id": "RHSA-2008:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0882", "reference_id": "RHSA-2008:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0908", "reference_id": "RHSA-2008:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0908" }, { "reference_url": "https://usn.ubuntu.com/645-1/", "reference_id": "USN-645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-1/" }, { "reference_url": "https://usn.ubuntu.com/645-2/", "reference_id": "USN-645-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-2/" }, { "reference_url": "https://usn.ubuntu.com/647-1/", "reference_id": "USN-647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-4061" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vwv-vgjn-w7h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52102?format=api", "vulnerability_id": "VCID-at1m-d43c-ryeb", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5014.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96206", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.9615", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96203", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96205", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96158", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96165", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96186", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96185", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96188", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25205", "scoring_system": "epss", "scoring_elements": "0.96201", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-5014" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=436741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=436741" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32684", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32684" }, { "reference_url": "http://secunia.com/advisories/32693", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32693" }, { "reference_url": "http://secunia.com/advisories/32694", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32694" }, { "reference_url": "http://secunia.com/advisories/32695", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32695" }, { "reference_url": "http://secunia.com/advisories/32714", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32714" }, { "reference_url": "http://secunia.com/advisories/32715", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32715" }, { "reference_url": "http://secunia.com/advisories/32721", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32721" }, { "reference_url": "http://secunia.com/advisories/32778", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32778" }, { "reference_url": "http://secunia.com/advisories/32798", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32798" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/32853", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32853" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/33434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33434" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9157" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html" }, { "reference_url": "http://ubuntu.com/usn/usn-667-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-667-1" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1671" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1696" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:228" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:230" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:235" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-50.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-50.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0976.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0976.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0977.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0978.html" }, { "reference_url": "http://www.securityfocus.com/bid/32281", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/32281" }, { "reference_url": "http://www.securitytracker.com/id?1021182", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1021182" }, { "reference_url": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.us-cert.gov/cas/techalerts/TA08-319A.html" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/3146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/3146" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=470873", "reference_id": "470873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=470873" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5014", "reference_id": "CVE-2008-5014", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5014" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5014", "reference_id": "CVE-2008-5014", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-5014" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-50", "reference_id": "mfsa2008-50", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-50" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0976", "reference_id": "RHSA-2008:0976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0977", "reference_id": "RHSA-2008:0977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0978", "reference_id": "RHSA-2008:0978", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0978" }, { "reference_url": "https://usn.ubuntu.com/667-1/", "reference_id": "USN-667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/667-1/" }, { "reference_url": "https://usn.ubuntu.com/668-1/", "reference_id": "USN-668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/668-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-5014" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-at1m-d43c-ryeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52028?format=api", "vulnerability_id": "VCID-cyb6-39sq-hfg5", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4058.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87605", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87513", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.876", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87607", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87523", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87539", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87565", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87576", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87572", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87569", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87583", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87584", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0348", "scoring_system": "epss", "scoring_elements": "0.87582", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4058" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=444075", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=444075" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=444077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=444077" }, { "reference_url": "http://secunia.com/advisories/31984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31984" }, { "reference_url": "http://secunia.com/advisories/31985", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31985" }, { "reference_url": "http://secunia.com/advisories/31987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31987" }, { "reference_url": "http://secunia.com/advisories/32007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32007" }, { "reference_url": "http://secunia.com/advisories/32010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32010" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32012" }, { "reference_url": "http://secunia.com/advisories/32025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32025" }, { "reference_url": "http://secunia.com/advisories/32042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32042" }, { "reference_url": "http://secunia.com/advisories/32044", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32044" }, { "reference_url": "http://secunia.com/advisories/32082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32082" }, { "reference_url": "http://secunia.com/advisories/32089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32089" }, { "reference_url": "http://secunia.com/advisories/32092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32092" }, { "reference_url": "http://secunia.com/advisories/32095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32095" }, { "reference_url": "http://secunia.com/advisories/32096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32096" }, { "reference_url": "http://secunia.com/advisories/32144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32144" }, { "reference_url": "http://secunia.com/advisories/32185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32185" }, { "reference_url": "http://secunia.com/advisories/32196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32196" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/33434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33434" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45349" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1649" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1696" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-41.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-41.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html" }, { "reference_url": "http://www.securityfocus.com/bid/31346", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31346" }, { "reference_url": "http://www.securitytracker.com/id?1020915", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020915" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-2" }, { "reference_url": "http://www.ubuntu.com/usn/usn-647-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-647-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2661", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2661" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=463190", "reference_id": "463190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463190" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058", "reference_id": "CVE-2008-4058", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4058" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4058", "reference_id": "CVE-2008-4058", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4058" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-41", "reference_id": "mfsa2008-41", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-41" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0879", "reference_id": "RHSA-2008:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0882", "reference_id": "RHSA-2008:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0908", "reference_id": "RHSA-2008:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0908" }, { "reference_url": "https://usn.ubuntu.com/645-1/", "reference_id": "USN-645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-1/" }, { "reference_url": "https://usn.ubuntu.com/645-2/", "reference_id": "USN-645-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-2/" }, { "reference_url": "https://usn.ubuntu.com/647-1/", "reference_id": "USN-647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-4058" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cyb6-39sq-hfg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52052?format=api", "vulnerability_id": "VCID-hgv4-943g-1qe8", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4065.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4065.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4065", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80087", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.79958", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80066", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80071", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.79966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.79987", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.79976", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80004", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80033", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80017", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80009", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80037", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0134", "scoring_system": "epss", "scoring_elements": "0.80038", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4065" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=430740", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=430740" }, { "reference_url": "http://secunia.com/advisories/31984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31984" }, { "reference_url": "http://secunia.com/advisories/31985", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31985" }, { "reference_url": "http://secunia.com/advisories/31987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31987" }, { "reference_url": "http://secunia.com/advisories/32007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32007" }, { "reference_url": "http://secunia.com/advisories/32010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32010" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32012" }, { "reference_url": "http://secunia.com/advisories/32025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32025" }, { "reference_url": "http://secunia.com/advisories/32042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32042" }, { "reference_url": "http://secunia.com/advisories/32044", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32044" }, { "reference_url": "http://secunia.com/advisories/32082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32082" }, { "reference_url": "http://secunia.com/advisories/32089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32089" }, { "reference_url": "http://secunia.com/advisories/32092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32092" }, { "reference_url": "http://secunia.com/advisories/32095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32095" }, { "reference_url": "http://secunia.com/advisories/32096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32096" }, { "reference_url": "http://secunia.com/advisories/32144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32144" }, { "reference_url": "http://secunia.com/advisories/32185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32185" }, { "reference_url": "http://secunia.com/advisories/32196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32196" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/33434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33434" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45356" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11383", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11383" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1649" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1696" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-43.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-43.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html" }, { "reference_url": "http://www.securityfocus.com/bid/31346", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31346" }, { "reference_url": "http://www.securitytracker.com/id?1020920", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020920" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-2" }, { "reference_url": "http://www.ubuntu.com/usn/usn-647-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-647-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2661", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2661" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=463234", "reference_id": "463234", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463234" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065", "reference_id": "CVE-2008-4065", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4065" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4065", "reference_id": "CVE-2008-4065", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4065" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-43", "reference_id": "mfsa2008-43", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-43" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0879", "reference_id": "RHSA-2008:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0882", "reference_id": "RHSA-2008:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0908", "reference_id": "RHSA-2008:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0908" }, { "reference_url": "https://usn.ubuntu.com/645-1/", "reference_id": "USN-645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-1/" }, { "reference_url": "https://usn.ubuntu.com/645-2/", "reference_id": "USN-645-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-2/" }, { "reference_url": "https://usn.ubuntu.com/647-1/", "reference_id": "USN-647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-4065" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgv4-943g-1qe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/52064?format=api", "vulnerability_id": "VCID-tvnv-cryn-x7fp", "summary": "Multiple vulnerabilities have been found in Mozilla Firefox,\n Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n allow execution of arbitrary code or local privilege escalation.", "references": [ { "reference_url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~", "reference_id": "", "reference_type": "", "scores": [], "url": "http://download.novell.com/Download?buildid=WZXONb-tqBw~" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4067.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4067.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83971", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83966", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83852", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83867", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83869", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83893", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83899", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83915", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.8391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83906", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83932", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02059", "scoring_system": "epss", "scoring_elements": "0.83933", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-4067" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=380994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=380994" }, { "reference_url": "https://bugzilla.mozilla.org/show_bug.cgi?id=394075", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=394075" }, { "reference_url": "http://secunia.com/advisories/31984", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31984" }, { "reference_url": "http://secunia.com/advisories/31985", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31985" }, { "reference_url": "http://secunia.com/advisories/31987", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31987" }, { "reference_url": "http://secunia.com/advisories/32007", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32007" }, { "reference_url": "http://secunia.com/advisories/32010", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32010" }, { "reference_url": "http://secunia.com/advisories/32011", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32011" }, { "reference_url": "http://secunia.com/advisories/32012", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32012" }, { "reference_url": "http://secunia.com/advisories/32025", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32025" }, { "reference_url": "http://secunia.com/advisories/32042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32042" }, { "reference_url": "http://secunia.com/advisories/32044", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32044" }, { "reference_url": "http://secunia.com/advisories/32082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32082" }, { "reference_url": "http://secunia.com/advisories/32089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32089" }, { "reference_url": "http://secunia.com/advisories/32092", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32092" }, { "reference_url": "http://secunia.com/advisories/32095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32095" }, { "reference_url": "http://secunia.com/advisories/32096", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32096" }, { "reference_url": "http://secunia.com/advisories/32144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32144" }, { "reference_url": "http://secunia.com/advisories/32185", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32185" }, { "reference_url": "http://secunia.com/advisories/32196", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32196" }, { "reference_url": "http://secunia.com/advisories/32845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/32845" }, { "reference_url": "http://secunia.com/advisories/33433", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33433" }, { "reference_url": "http://secunia.com/advisories/33434", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33434" }, { "reference_url": "http://secunia.com/advisories/34501", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/34501" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45359" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10770" }, { "reference_url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html" }, { "reference_url": "http://www.0x000000.com/?i=422", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.0x000000.com/?i=422" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1649", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1649" }, { "reference_url": "http://www.debian.org/security/2008/dsa-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2008/dsa-1669" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1696" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1697", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1697" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:205" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:206" }, { "reference_url": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-44.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0879.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0882.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2008-0908.html" }, { "reference_url": "http://www.securityfocus.com/bid/31346", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/31346" }, { "reference_url": "http://www.securitytracker.com/id?1020921", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020921" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-1" }, { "reference_url": "http://www.ubuntu.com/usn/usn-645-2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-645-2" }, { "reference_url": "http://www.ubuntu.com/usn/usn-647-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-647-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2661", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2661" }, { "reference_url": "http://www.vupen.com/english/advisories/2009/0977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2009/0977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=463246", "reference_id": "463246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463246" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067", "reference_id": "CVE-2008-4067", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4067" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4067", "reference_id": "CVE-2008-4067", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4067" }, { "reference_url": "https://security.gentoo.org/glsa/201301-01", "reference_id": "GLSA-201301-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201301-01" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-44", "reference_id": "mfsa2008-44", "reference_type": "", "scores": [ { "value": "none", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2008-44" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0879", "reference_id": "RHSA-2008:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0882", "reference_id": "RHSA-2008:0882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0908", "reference_id": "RHSA-2008:0908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0908" }, { "reference_url": "https://usn.ubuntu.com/645-1/", "reference_id": "USN-645-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-1/" }, { "reference_url": "https://usn.ubuntu.com/645-2/", "reference_id": "USN-645-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/645-2/" }, { "reference_url": "https://usn.ubuntu.com/647-1/", "reference_id": "USN-647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/86678?format=api", "purl": "pkg:mozilla/Firefox@3.0.2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" } ], "aliases": [ "CVE-2008-4067" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvnv-cryn-x7fp" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.2" }