CVE-2008-4064 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2008-4064 Interim 1 16 2025-11-05T06:12:44Z current 2021-05-30T12:43:52Z 2025-11-05T06:12:44Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2008-4064 Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV/#2HED4GVIK6PS6YN3W6DJZJ63F3ESARIV E-Mail link for SUSE-SA:2008:050 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE/#LZWA5IC5L2QN74MAY2LDOH57OMCZY4GE E-Mail link for openSUSE-SU-2014:1100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Enterprise Storage 6 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Software Development Kit 11 SP4 openSUSE Tumbleweed MozillaFirefox MozillaFirefox-10.0-0.3.2 MozillaFirefox-140.2.0-160000.1.2 MozillaFirefox-17.0.4esr-0.10.42 MozillaFirefox-3.5.9-0.1.1 MozillaFirefox-31.7.0esr-0.8.1 MozillaFirefox-devel-140.2.0-160000.1.2 MozillaFirefox-devel-31.7.0esr-0.8.1 MozillaFirefox-translations-10.0-0.3.2 MozillaFirefox-translations-17.0.4esr-0.10.42 MozillaFirefox-translations-3.5.9-0.1.1 MozillaFirefox-translations-31.7.0esr-0.8.1 MozillaFirefox-translations-common-140.2.0-160000.1.2 MozillaFirefox-translations-other-140.2.0-160000.1.2 MozillaThunderbird-91.1.1-1.1 MozillaThunderbird-translations-common-91.1.1-1.1 MozillaThunderbird-translations-other-91.1.1-1.1 mozilla-xulrunner190-1.9.0.19-0.1.1 mozilla-xulrunner190-32bit-1.9.0.19-0.1.1 mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1 mozilla-xulrunner190-translations-1.9.0.19-0.1.1 mozilla-xulrunner190-x86-1.9.0.19-0.1.1 MozillaFirefox-3.5.9-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 MozillaFirefox-translations-3.5.9-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 mozilla-xulrunner190-1.9.0.19-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 mozilla-xulrunner190-32bit-1.9.0.19-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 mozilla-xulrunner190-translations-1.9.0.19-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 mozilla-xulrunner190-x86-1.9.0.19-0.1.1 as a component of SUSE Linux Enterprise Server 11 SP1 MozillaFirefox-10.0-0.3.2 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-translations-10.0-0.3.2 as a component of SUSE Linux Enterprise Server 11 SP2 MozillaFirefox-17.0.4esr-0.10.42 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-translations-17.0.4esr-0.10.42 as a component of SUSE Linux Enterprise Server 11 SP3 MozillaFirefox-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-translations-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Server 11 SP4 MozillaFirefox-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-devel-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-translations-common-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-translations-other-140.2.0-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 MozillaFirefox-devel-31.7.0esr-0.8.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 MozillaThunderbird-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-common-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaThunderbird-translations-other-91.1.1-1.1 as a component of openSUSE Tumbleweed MozillaFirefox as a component of SUSE Enterprise Storage 6 Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) handling of a long alert messagebox in the cairo_surface_set_device_offset function, (2) integer overflows when handling animated PNG data in the info_callback function in nsPNGDecoder.cpp, and (3) an integer overflow when handling SVG data in the nsSVGFEGaussianBlurElement::SetupPredivide function in nsSVGFilters.cpp. CVE-2008-4064 SUSE Linux Enterprise Server 11 SP1:MozillaFirefox-3.5.9-0.1.1 SUSE Linux Enterprise Server 11 SP1:MozillaFirefox-translations-3.5.9-0.1.1 SUSE Linux Enterprise Server 11 SP1:mozilla-xulrunner190-1.9.0.19-0.1.1 SUSE Linux Enterprise Server 11 SP1:mozilla-xulrunner190-32bit-1.9.0.19-0.1.1 SUSE Linux Enterprise Server 11 SP1:mozilla-xulrunner190-gnomevfs-1.9.0.19-0.1.1 SUSE Linux Enterprise Server 11 SP1:mozilla-xulrunner190-translations-1.9.0.19-0.1.1 SUSE Linux Enterprise Server 11 SP1:mozilla-xulrunner190-x86-1.9.0.19-0.1.1 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-10.0-0.3.2 SUSE Linux Enterprise Server 11 SP2:MozillaFirefox-translations-10.0-0.3.2 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-17.0.4esr-0.10.42 SUSE Linux Enterprise Server 11 SP3:MozillaFirefox-translations-17.0.4esr-0.10.42 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-31.7.0esr-0.8.1 SUSE Linux Enterprise Server 11 SP4:MozillaFirefox-translations-31.7.0esr-0.8.1 SUSE Linux Enterprise Server 16.0:MozillaFirefox-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-devel-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-translations-common-140.2.0-160000.1.2 SUSE Linux Enterprise Server 16.0:MozillaFirefox-translations-other-140.2.0-160000.1.2 SUSE Linux Enterprise Software Development Kit 11 SP4:MozillaFirefox-devel-31.7.0esr-0.8.1 openSUSE Tumbleweed:MozillaThunderbird-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-common-91.1.1-1.1 openSUSE Tumbleweed:MozillaThunderbird-translations-other-91.1.1-1.1 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C