CVE-2009-3074

2009-09-1021:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

mozilla

firefox

cve-2009-3074

unspecified vulnerability

javascript engine

denial of service

memory corruption

application crash

remote attackers

execute arbitrary code

9.6 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.49 Medium

EPSS

Percentile

97.5%

JSON

Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq0.1
mozilla:firefoxmozilla firefoxeq0.9_rc
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq2.0.0.12
mozilla:firefoxmozilla firefoxeq1.5
mozilla:firefoxmozilla firefoxeq2.0_.7
mozilla:firefoxmozilla firefoxeq3.0.7
mozilla:firefoxmozilla firefoxeq1.5.2
mozilla:firefoxmozilla firefoxeq3.0.9
mozilla:firefoxmozilla firefoxeq1.5.0.6

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	0.1
mozilla:firefox	mozilla firefox	eq	0.9_rc
mozilla:firefox	mozilla firefox	eq	0.8
mozilla:firefox	mozilla firefox	eq	2.0.0.12
mozilla:firefox	mozilla firefox	eq	1.5
mozilla:firefox	mozilla firefox	eq	2.0_.7
mozilla:firefox	mozilla firefox	eq	3.0.7
mozilla:firefox	mozilla firefox	eq	1.5.2
mozilla:firefox	mozilla firefox	eq	3.0.9
mozilla:firefox	mozilla firefox	eq	1.5.0.6