Lucene search

K
cve[email protected]CVE-2009-2463
HistoryJul 22, 2009 - 6:30 p.m.

CVE-2009-2463

2009-07-2218:30:00
CWE-189
web.nvd.nist.gov
58
cve-2009-2463
integer overflows
mozilla firefox
thunderbird
seamonkey
denial of service
arbitrary code execution
buffer overflow
nvd

9.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.083 Low

EPSS

Percentile

94.2%

Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger buffer overflows.

References

9.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.083 Low

EPSS

Percentile

94.2%

Related for CVE-2009-2463