CVSS2: 9.3 High (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Metric | Value
---|---
Access Vector | NETWORK
Access Complexity | MEDIUM
Authentication | NONE
Confidentiality Impact | COMPLETE
Integrity Impact | COMPLETE
Availability Impact | COMPLETE

EPSS: 0.169 Low (Percentile: 96.0%)

Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative that XUL objects could be manipulated such that the setting of certain properties on the object would trigger the removal of the tree from the DOM and cause certain sections of deleted memory to be accessed. In products based on Gecko version 1.9.2 (Firefox 3.6, Thunderbird 3.1) and newer this memory has been overwritten by a value that will cause an unexploitable crash. In products based on Gecko version 1.9.1 (Firefox 3.5, Thunderbird 3.0, and SeaMonkey 2.0) and older an attacker could potentially use this vulnerability to crash a victim’s browser and run arbitrary code on their computer.

CPE

Name | Operator | Version
---|---|---
firefox | lt | 3.5.12
firefox | lt | 3.6.9
seamonkey | lt | 2.0.7
thunderbird | lt | 3.0.7
thunderbird | lt | 3.1.3