Lucene search

[email protected]NVD:CVE-2009-3373

HistoryOct 29, 2009 - 2:30 p.m.

CVE-2009-3373

2009-10-2914:30:00

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.322 Low

EPSS

Percentile

97.1%

JSON

Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0alpha

mozillafirefoxMatch3.0beta2

mozillafirefoxMatch3.0beta5

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.5.1

mozillafirefoxMatch3.5.2

mozillafirefoxMatch3.5.3

mozillaseamonkeyRange≤1.5.0.10

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0alpha

mozillaseamonkeyMatch1.0beta

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.4

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillaseamonkeyMatch1.1.14

mozillaseamonkeyMatch1.1.15

mozillaseamonkeyMatch1.1.16

mozillaseamonkeyMatch1.1.17

mozillaseamonkeyMatch1.5.0.8

mozillaseamonkeyMatch1.5.0.9

References

sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1

www.mandriva.com/security/advisories?name=MDVSA-2009:294

www.mozilla.org/security/announce/2009/mfsa2009-56.html

www.vupen.com/english/advisories/2009/3334

bugzilla.mozilla.org/show_bug.cgi?id=511689

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6548

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

High

0.322 Low

EPSS

Percentile

97.1%

JSON

Related for NVD:CVE-2009-3373

cve2 cvelist2 zdt1 securityvulns3 prion2 mozilla1 seebug1 ubuntucve2 veracode1 nvd1 openvas41 nessus29 fedora41 debian1 osv1 oraclelinux1 centos1 redhat1 vmware2 ubuntu2 suse1 freebsd1 gentoo1