CVSS2: 9.3 High
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score: 7.3 High (Confidence: Low)
EPSS: 0.97 High (Percentile: 99.7%)
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/
isc.sans.org/diary.html?storyid=6796
secunia.com/advisories/35798
sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1
voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html
www.exploit-db.com/exploits/9137
www.exploit-db.com/exploits/9181
www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761
www.kb.cert.org/vuls/id/443060
www.mozilla.org/security/announce/2009/mfsa2009-41.html
www.securityfocus.com/bid/35660
www.vupen.com/english/advisories/2009/1868
bugzilla.mozilla.org/show_bug.cgi?id=503286
www.exploit-db.com/exploits/40936/
www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html