Lucene search

K
mozillaMozilla FoundationMFSA2009-14
HistoryApr 21, 2009 - 12:00 a.m.

Crashes with evidence of memory corruption (rv:1.9.0.9) — Mozilla

2009-04-2100:00:00
Mozilla Foundation
www.mozilla.org
43

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.264

Percentile

96.8%

Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Affected configurations

Vulners
Node
mozillafirefoxRange<3.0.9
OR
mozillaseamonkeyRange<1.1.16
OR
mozillathunderbirdRange<2.0.0.22
VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.264

Percentile

96.8%