Lucene search

RedhatCVE-2009-1304

HistoryApr 22, 2009 - 6:30 p.m.

CVE-2009-1304

2009-04-2218:30:00

CWE-399

redhat

web.nvd.nist.gov

cve-2009-1304

mozilla firefox

thunderbird

seamonkey

javascript engine

denial of service

memory corruption

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

9.2

Confidence

High

EPSS

0.264

Percentile

96.8%

JSON

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.

Affected configurations

Nvd

Node

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillaseamonkeyRange≤1.1.13

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillathunderbirdRange≤2.0.0.19

mozillathunderbirdMatch1.0

mozillathunderbirdMatch1.0.1

mozillathunderbirdMatch1.0.2

mozillathunderbirdMatch1.0.3

mozillathunderbirdMatch1.0.4

mozillathunderbirdMatch1.0.5

mozillathunderbirdMatch1.0.5beta

mozillathunderbirdMatch1.0.6

mozillathunderbirdMatch1.0.7

mozillathunderbirdMatch1.0.8

mozillathunderbirdMatch1.5

mozillathunderbirdMatch1.5beta2

mozillathunderbirdMatch1.5.0.1

mozillathunderbirdMatch1.5.0.2

mozillathunderbirdMatch1.5.0.3

mozillathunderbirdMatch1.5.0.4

mozillathunderbirdMatch1.5.0.5

mozillathunderbirdMatch1.5.0.6

mozillathunderbirdMatch1.5.0.7

mozillathunderbirdMatch1.5.0.8

mozillathunderbirdMatch1.5.0.9

mozillathunderbirdMatch1.5.0.10

mozillathunderbirdMatch1.5.0.11

mozillathunderbirdMatch1.5.0.12

mozillathunderbirdMatch1.5.0.13

mozillathunderbirdMatch1.5.0.14

mozillathunderbirdMatch1.5.1

mozillathunderbirdMatch1.5.2

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.14

mozillathunderbirdMatch2.0.0.16

mozillathunderbirdMatch2.0.0.17

mozillathunderbirdMatch2.0.0.18

mozillathunderbirdMatch2.0.0.20

mozillathunderbirdMatch2.0.0.21

VendorProductVersionCPE
mozillafirefox3.0cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
mozillafirefox3.0.1cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
mozillafirefox3.0.2cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
mozillafirefox3.0.3cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
mozillafirefox3.0.4cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
mozillafirefox3.0.5cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
mozillafirefox3.0.6cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
mozillafirefox3.0.7cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
mozillafirefox3.0.8cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	3.0	cpe:2.3:a:mozilla:firefox:3.0:::::::*
mozilla	firefox	3.0.1	cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
mozilla	firefox	3.0.2	cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
mozilla	firefox	3.0.3	cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
mozilla	firefox	3.0.4	cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
mozilla	firefox	3.0.5	cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
mozilla	firefox	3.0.6	cpe:2.3:a:mozilla:firefox:3.0.6:::::::*
mozilla	firefox	3.0.7	cpe:2.3:a:mozilla:firefox:3.0.7:::::::*
mozilla	firefox	3.0.8	cpe:2.3:a:mozilla:firefox:3.0.8:::::::*
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::