Lucene search

K
freebsdFreeBSD49E8F2EE-8147-11DE-A994-0030843D3802
HistoryAug 03, 2009 - 12:00 a.m.

mozilla -- multiple vulnerabilities

2009-08-0300:00:00
vuxml.freebsd.org
15

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.604

Percentile

97.8%

Mozilla Project reports:

MFSA 2009-38: Data corruption with SOCKS5 reply containing DNS name
longer than 15 characters
MFSA 2009-42: Compromise of SSL-protected communication
MFSA 2009-43: Heap overflow in certificate regexp parsing
MFSA 2009-44: Location bar and SSL indicator spoofing via window.open()
on invalid URL
MFSA 2009-45: Crashes with evidence of memory corruption
(rv:1.9.1.2/1.9.0.13)
MFSA 2009-46: Chrome privilege escalation due to incorrectly cached
wrapper

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.604

Percentile

97.8%