Lucene search

[email protected]CVE-2009-1833

HistoryJun 12, 2009 - 9:30 p.m.

CVE-2009-1833

2009-06-1221:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2009-1833

mozilla firefox

thunderbird

seamonkey

javascript engine

denial of service

memory corruption

application crash

arbitrary code

nvd

9.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.142 Low

EPSS

Percentile

95.7%

JSON

The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) js_LeaveSharpObject, (2) ParseXMLSource, and (3) a certain assertion in jsinterp.c; and other vectors.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyeq1.1.10
mozilla:firefoxmozilla firefoxeq0.1
mozilla:thunderbirdmozilla thunderbirdeq1.5.0.7
mozilla:firefoxmozilla firefoxeq0.9_rc
mozilla:thunderbirdmozilla thunderbirdeq0.6
mozilla:seamonkeymozilla seamonkeyeq1.0.3
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq2.0.0.12
mozilla:thunderbirdmozilla thunderbirdeq0.7.2
mozilla:firefoxmozilla firefoxeq1.5

CPE	Name	Operator	Version
mozilla:seamonkey	mozilla seamonkey	eq	1.1.10
mozilla:firefox	mozilla firefox	eq	0.1
mozilla:thunderbird	mozilla thunderbird	eq	1.5.0.7
mozilla:firefox	mozilla firefox	eq	0.9_rc
mozilla:thunderbird	mozilla thunderbird	eq	0.6
mozilla:seamonkey	mozilla seamonkey	eq	1.0.3
mozilla:firefox	mozilla firefox	eq	0.8
mozilla:firefox	mozilla firefox	eq	2.0.0.12
mozilla:thunderbird	mozilla thunderbird	eq	0.7.2
mozilla:firefox	mozilla firefox	eq	1.5

Rows per page:

1-10 of 1801

References

osvdb.org/55152

osvdb.org/55153

osvdb.org/55154

rhn.redhat.com/errata/RHSA-2009-1096.html

secunia.com/advisories/35331

secunia.com/advisories/35415

secunia.com/advisories/35428

secunia.com/advisories/35431

secunia.com/advisories/35439

secunia.com/advisories/35440

secunia.com/advisories/35468

secunia.com/advisories/35536

secunia.com/advisories/35561

secunia.com/advisories/35602

securitytracker.com/id?1022376

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1

sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1

www.debian.org/security/2009/dsa-1820

www.mandriva.com/security/advisories?name=MDVSA-2009:141

www.mozilla.org/security/announce/2009/mfsa2009-24.html

www.redhat.com/support/errata/RHSA-2009-1125.html

www.redhat.com/support/errata/RHSA-2009-1126.html

www.securityfocus.com/bid/35326

www.securityfocus.com/bid/35372

www.securitytracker.com/id?1022397

www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275

www.ubuntu.com/usn/usn-782-1

www.vupen.com/english/advisories/2009/1572

www.vupen.com/english/advisories/2009/2152

bugzilla.mozilla.org/show_bug.cgi?id=369696

bugzilla.mozilla.org/show_bug.cgi?id=426520

bugzilla.mozilla.org/show_bug.cgi?id=427196

bugzilla.mozilla.org/show_bug.cgi?id=487204

bugzilla.redhat.com/show_bug.cgi?id=503570

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11487

rhn.redhat.com/errata/RHSA-2009-1095.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

9.8 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.142 Low

EPSS

Percentile

95.7%

JSON

Related for CVE-2009-1833

ubuntucve1 veracode1 prion1 securityvulns2 mozilla1 openvas65 redhat4 nessus38 oraclelinux3 centos3 fedora39 osv1 ubuntu2 suse1 freebsd1 debian1 gentoo1