Lucene search

K
cveRedhatCVE-2009-2466
HistoryJul 22, 2009 - 6:30 p.m.

CVE-2009-2466

2009-07-2218:30:00
CWE-399
redhat
web.nvd.nist.gov
59
cve-2009-2466
mozilla firefox
thunderbird
remote attack
denial of service
cve

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.508

Percentile

97.6%

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.

Affected configurations

Nvd
Node
mozillafirefoxRange3.0.11
OR
mozillafirefoxMatch0.1
OR
mozillafirefoxMatch0.2
OR
mozillafirefoxMatch0.3
OR
mozillafirefoxMatch0.4
OR
mozillafirefoxMatch0.5
OR
mozillafirefoxMatch0.6
OR
mozillafirefoxMatch0.6.1
OR
mozillafirefoxMatch0.7
OR
mozillafirefoxMatch0.7.1
OR
mozillafirefoxMatch0.8
OR
mozillafirefoxMatch0.9
OR
mozillafirefoxMatch0.9rc
OR
mozillafirefoxMatch0.9.1
OR
mozillafirefoxMatch0.9.2
OR
mozillafirefoxMatch0.9.3
OR
mozillafirefoxMatch0.9_rc
OR
mozillafirefoxMatch0.10
OR
mozillafirefoxMatch0.10.1
OR
mozillafirefoxMatch1.0
OR
mozillafirefoxMatch1.0preview_release
OR
mozillafirefoxMatch1.0.1
OR
mozillafirefoxMatch1.0.2
OR
mozillafirefoxMatch1.0.3
OR
mozillafirefoxMatch1.0.4
OR
mozillafirefoxMatch1.0.5
OR
mozillafirefoxMatch1.0.6
OR
mozillafirefoxMatch1.0.6linux
OR
mozillafirefoxMatch1.0.7
OR
mozillafirefoxMatch1.0.8
OR
mozillafirefoxMatch1.4.1
OR
mozillafirefoxMatch1.5
OR
mozillafirefoxMatch1.5beta1
OR
mozillafirefoxMatch1.5beta2
OR
mozillafirefoxMatch1.5.0.1
OR
mozillafirefoxMatch1.5.0.2
OR
mozillafirefoxMatch1.5.0.3
OR
mozillafirefoxMatch1.5.0.4
OR
mozillafirefoxMatch1.5.0.5
OR
mozillafirefoxMatch1.5.0.6
OR
mozillafirefoxMatch1.5.0.7
OR
mozillafirefoxMatch1.5.0.8
OR
mozillafirefoxMatch1.5.0.9
OR
mozillafirefoxMatch1.5.0.10
OR
mozillafirefoxMatch1.5.0.11
OR
mozillafirefoxMatch1.5.0.12
OR
mozillafirefoxMatch1.5.1
OR
mozillafirefoxMatch1.5.2
OR
mozillafirefoxMatch1.5.3
OR
mozillafirefoxMatch1.5.4
OR
mozillafirefoxMatch1.5.5
OR
mozillafirefoxMatch1.5.6
OR
mozillafirefoxMatch1.5.7
OR
mozillafirefoxMatch1.5.8
OR
mozillafirefoxMatch1.8
OR
mozillafirefoxMatch2.0
OR
mozillafirefoxMatch2.0beta_1
OR
mozillafirefoxMatch2.0beta1
OR
mozillafirefoxMatch2.0rc2
OR
mozillafirefoxMatch2.0rc3
OR
mozillafirefoxMatch2.0.0.1
OR
mozillafirefoxMatch2.0.0.2
OR
mozillafirefoxMatch2.0.0.3
OR
mozillafirefoxMatch2.0.0.4
OR
mozillafirefoxMatch2.0.0.5
OR
mozillafirefoxMatch2.0.0.6
OR
mozillafirefoxMatch2.0.0.7
OR
mozillafirefoxMatch2.0.0.8
OR
mozillafirefoxMatch2.0.0.9
OR
mozillafirefoxMatch2.0.0.10
OR
mozillafirefoxMatch2.0.0.11
OR
mozillafirefoxMatch2.0.0.12
OR
mozillafirefoxMatch2.0.0.13
OR
mozillafirefoxMatch2.0.0.14
OR
mozillafirefoxMatch2.0.0.15
OR
mozillafirefoxMatch2.0.0.16
OR
mozillafirefoxMatch2.0.0.17
OR
mozillafirefoxMatch2.0.0.18
OR
mozillafirefoxMatch2.0.0.19
OR
mozillafirefoxMatch2.0.0.20
OR
mozillafirefoxMatch2.0.0.21
OR
mozillafirefoxMatch3.0
OR
mozillafirefoxMatch3.0alpha
OR
mozillafirefoxMatch3.0beta2
OR
mozillafirefoxMatch3.0beta5
OR
mozillafirefoxMatch3.0.1
OR
mozillafirefoxMatch3.0.2
OR
mozillafirefoxMatch3.0.3
OR
mozillafirefoxMatch3.0.4
OR
mozillafirefoxMatch3.0.5
OR
mozillafirefoxMatch3.0.6
OR
mozillafirefoxMatch3.0.7
OR
mozillafirefoxMatch3.0.8
OR
mozillafirefoxMatch3.0.9
OR
mozillafirefoxMatch3.0.10
OR
mozillathunderbirdMatch2.0.0.0
OR
mozillathunderbirdMatch2.0.0.1
OR
mozillathunderbirdMatch2.0.0.2
OR
mozillathunderbirdMatch2.0.0.3
OR
mozillathunderbirdMatch2.0.0.4
OR
mozillathunderbirdMatch2.0.0.5
OR
mozillathunderbirdMatch2.0.0.6
OR
mozillathunderbirdMatch2.0.0.7
OR
mozillathunderbirdMatch2.0.0.8
OR
mozillathunderbirdMatch2.0.0.9
OR
mozillathunderbirdMatch2.0.0.11
OR
mozillathunderbirdMatch2.0.0.12
OR
mozillathunderbirdMatch2.0.0.13
OR
mozillathunderbirdMatch2.0.0.14
OR
mozillathunderbirdMatch2.0.0.15
OR
mozillathunderbirdMatch2.0.0.16
OR
mozillathunderbirdMatch2.0.0.17
OR
mozillathunderbirdMatch2.0.0.18
OR
mozillathunderbirdMatch2.0.0.19
OR
mozillathunderbirdMatch2.0.0.20
OR
mozillathunderbirdMatch2.0.0.21
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox0.1cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
mozillafirefox0.2cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
mozillafirefox0.3cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
mozillafirefox0.4cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
mozillafirefox0.5cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
mozillafirefox0.6cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
mozillafirefox0.6.1cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
mozillafirefox0.7cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
mozillafirefox0.7.1cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 1161

References

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.6

Confidence

High

EPSS

0.508

Percentile

97.6%