9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.8%
Name | firefox_35 |
---|---|
CVE | CVE-2009-2477 Exploit Pack |
VENDOR: Mozilla | |
Notes: Although the advisories states that this due to improper handling of and |
tags, this exploit uses another method to reach the
vulnerability. For now - if the target browser is closed then the socket is lost - so you might want to install a MOSDEF service as soon as you can. This version is not yet
DEP safe.
Repeatability: One shot
CVE Url: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2477
CVSS: 9.3