CVE-2008-4068

Name of the Vulnerable Software and Affected Versions libxul0d-dbg versions (affected versions not specified) libxul-dev versions (affected versions not specified) libsmjs1 versions (affected versions not specified) libmozjs0d-dbg versions (affected versions not specified) Mozilla Firefox versions prior to 2.0.0.17 and 3.x prior to 3.0.2 Thunderbird versions prior to 2.0.0.17 SeaMonkey versions prior to 1.1.12 libmozjs0d versions (affected versions not specified) libxul0d versions (affected versions not specified) libnss3-0d-dbg versions (affected versions not specified) libsmjs-dev versions (affected versions not specified) libnss3-0d versions (affected versions not specified) libxul-common versions (affected versions not specified)

Description The issue involves multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libxul0d-dbg, libxul-dev, libsmjs1, libmozjs0d-dbg, libmozjs0d, libxul0d, libnss3-0d-dbg, libsmjs-dev, libnss3-0d, and libxul-common. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. A directory traversal vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to bypass restrictions imposed on local HTML files and obtain sensitive information.

Recommendations For Mozilla Firefox versions prior to 2.0.0.17 and 3.x prior to 3.0.2, update to version 2.0.0.17 or 3.0.2 or later. For Thunderbird versions prior to 2.0.0.17, update to version 2.0.0.17 or later. For SeaMonkey versions prior to 1.1.12, update to version 1.1.12 or later. For libxul0d-dbg, libxul-dev, libsmjs1, libmozjs0d-dbg, libmozjs0d, libxul0d, libnss3-0d-dbg, libsmjs-dev, libnss3-0d, and libxul-common, at the moment, there is no information about a newer version that contains a fix for this vulnerability.