CVE-2008-4063

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the nsContentList::Item function; (2) interaction of the indic IME extension, a Hindi language selection, and the "g" character; and (3) interaction of the nsFrameList::SortByContentOrder function with a certain insufficient protection of inline frames.

🔗 References (60)

• secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
• secalert@redhathttp://secunia.com/advisories/31987
• secalert@redhathttp://secunia.com/advisories/32011
• secalert@redhathttp://secunia.com/advisories/32012
• secalert@redhathttp://secunia.com/advisories/32025
• secalert@redhathttp://secunia.com/advisories/32044
• secalert@redhathttp://secunia.com/advisories/32082
• secalert@redhathttp://secunia.com/advisories/32089
• secalert@redhathttp://secunia.com/advisories/32095
• secalert@redhathttp://secunia.com/advisories/32096
• secalert@redhathttp://secunia.com/advisories/32196
• secalert@redhathttp://secunia.com/advisories/34501
• secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
• secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123
• secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1