CVE ID:	CVE-2008-4058
Description:	The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to (1) chrome XBL and (2) chrome JS.
Test IDs:	1.3.6.1.4.1.25623.1.0.63143   1.3.6.1.4.1.25623.1.0.61770   1.3.6.1.4.1.25623.1.0.61907
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4058 1020915 http://www.securitytracker.com/id?1020915 256408 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 31346 http://www.securityfocus.com/bid/31346 31984 http://secunia.com/advisories/31984 31985 http://secunia.com/advisories/31985 31987 http://secunia.com/advisories/31987 32007 http://secunia.com/advisories/32007 32010 http://secunia.com/advisories/32010 32011 http://secunia.com/advisories/32011 32012 http://secunia.com/advisories/32012 32025 http://secunia.com/advisories/32025 32042 http://secunia.com/advisories/32042 32044 http://secunia.com/advisories/32044 32082 http://secunia.com/advisories/32082 32089 http://secunia.com/advisories/32089 32092 http://secunia.com/advisories/32092 32095 http://secunia.com/advisories/32095 32096 http://secunia.com/advisories/32096 32144 http://secunia.com/advisories/32144 32185 http://secunia.com/advisories/32185 32196 http://secunia.com/advisories/32196 32845 http://secunia.com/advisories/32845 33433 http://secunia.com/advisories/33433 33434 http://secunia.com/advisories/33434 34501 http://secunia.com/advisories/34501 ADV-2008-2661 http://www.vupen.com/english/advisories/2008/2661 ADV-2009-0977 http://www.vupen.com/english/advisories/2009/0977 DSA-1649 http://www.debian.org/security/2008/dsa-1649 DSA-1669 http://www.debian.org/security/2008/dsa-1669 DSA-1696 http://www.debian.org/security/2009/dsa-1696 DSA-1697 http://www.debian.org/security/2009/dsa-1697 FEDORA-2008-8401 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html FEDORA-2008-8425 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html FEDORA-2008-8429 https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html MDVSA-2008:205 http://www.mandriva.com/security/advisories?name=MDVSA-2008:205 MDVSA-2008:206 http://www.mandriva.com/security/advisories?name=MDVSA-2008:206 RHSA-2008:0879 http://www.redhat.com/support/errata/RHSA-2008-0879.html RHSA-2008:0882 http://www.redhat.com/support/errata/RHSA-2008-0882.html RHSA-2008:0908 http://www.redhat.com/support/errata/RHSA-2008-0908.html SSA:2008-269-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232 SSA:2008-269-02 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422 SSA:2008-270-01 http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.412123 SUSE-SA:2008:050 http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html USN-645-1 http://www.ubuntu.com/usn/usn-645-1 USN-645-2 http://www.ubuntu.com/usn/usn-645-2 USN-647-1 http://www.ubuntu.com/usn/usn-647-1 firefox3-xpcnativewrappers-code-execution(45349) https://exchange.xforce.ibmcloud.com/vulnerabilities/45349 http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://download.novell.com/Download?buildid=WZXONb-tqBw~ http://www.mozilla.org/security/announce/2008/mfsa2008-41.html http://www.mozilla.org/security/announce/2008/mfsa2008-41.html https://bugzilla.mozilla.org/show_bug.cgi?id=444075 https://bugzilla.mozilla.org/show_bug.cgi?id=444075 https://bugzilla.mozilla.org/show_bug.cgi?id=444077 https://bugzilla.mozilla.org/show_bug.cgi?id=444077 oval:org.mitre.oval:def:9679 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9679