CVE-2009-3072

2009-09-1021:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2009-3072

mozilla firefox

thunderbird

denial of service

memory corruption

application crash

arbitrary code execution

nvd

binhex decoder

security

vulnerability

9.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.723 High

EPSS

Percentile

98.0%

JSON

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq0.1
mozilla:firefoxmozilla firefoxeq0.9_rc
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq2.0.0.12
mozilla:firefoxmozilla firefoxeq1.5
mozilla:firefoxmozilla firefoxeq2.0_.7
mozilla:firefoxmozilla firefoxeq3.0.7
mozilla:firefoxmozilla firefoxeq1.5.2
mozilla:firefoxmozilla firefoxeq3.0.9
mozilla:firefoxmozilla firefoxeq1.5.0.6

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	0.1
mozilla:firefox	mozilla firefox	eq	0.9_rc
mozilla:firefox	mozilla firefox	eq	0.8
mozilla:firefox	mozilla firefox	eq	2.0.0.12
mozilla:firefox	mozilla firefox	eq	1.5
mozilla:firefox	mozilla firefox	eq	2.0_.7
mozilla:firefox	mozilla firefox	eq	3.0.7
mozilla:firefox	mozilla firefox	eq	1.5.2
mozilla:firefox	mozilla firefox	eq	3.0.9
mozilla:firefox	mozilla firefox	eq	1.5.0.6