Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:4999
HistoryApr 04, 2009 - 12:00 a.m.

Mozilla Firefox '_moveToEdgeShift' 远程代码执行漏洞

2009-04-0400:00:00
Root
www.seebug.org
9

0.918 High

EPSS

Percentile

98.7%

JSON

BUGTRAQ ID: 34181
CVE ID:CVE-2009-1044
CNCVE ID:CNCVE-20091044

Mozilla Firefox是一款开放源码WEB浏览器。
Mozilla Firefox处理XUL树方法_moveToEdgeShift()存在缺陷,远程攻击者可以利用漏洞以应用程序上下文执行任意代码。
在部分情况下,XUL树方法_moveToEdgeShift()会在当前仍旧在使用的对象上执行垃圾收集例程,在这个情况下,当尝试访问之前破坏的对象时浏览器会崩溃,攻击者可以利用这个崩溃在目标用户系统上执行任意代码。

Mozilla Firefox < 3.0.8
升级到Mozilla Firefox 3.0.8版本
<a href=“http://www.mozilla.com/en-US/” target=“_blank”>http://www.mozilla.com/en-US/</a>


                                                http://www.sebug.net/local/poc/2009-Firefox-XUL-0day-PoC.rar

Related

checkpoint_advisories 2
prion 1
cve 1
veracode 1
zdi 1
seebug 1
securityvulns 3
ubuntucve 1
mozilla 1
openvas 39
nessus 18
fedora 58
centos 3
oraclelinux 2
redhat 2
debian 2
ubuntu 1
suse 1
osv 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)
2014-03-31 00:00:00
Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)
2014-03-31 00:00:00
prion
prion
Design/Logic Flaw
2009-03-23 14:19:00
cve
cve
CVE-2009-1044
2009-03-23 14:19:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:20
zdi
zdi
Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability
2009-03-30 00:00:00
seebug
seebug
Firefox _moveToEdgeShift方式远程代码执行漏洞
2009-04-01 00:00:00
securityvulns
securityvulns
ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift&#40;&#41; Memory Corruption Vulnerability
2009-04-01 00:00:00
Mozilla Foundation Security Advisory 2009-13
2009-04-01 00:00:00
Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities
2009-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2009-1044
2009-03-27 00:00:00
mozilla
mozilla
Arbitrary code execution via XUL tree element — Mozilla
2009-03-27 00:00:00
openvas
openvas
Ubuntu USN-745-1 (xulrunner-1.9)
2009-04-06 00:00:00
RedHat Security Advisory RHSA-2009:0398
2009-04-06 00:00:00
CentOS Update for seamonkey CESA-2009:0398 centos3 i386
2011-08-09 00:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0398)
2009-03-30 00:00:00
openSUSE Security Update : MozillaFirefox (MozillaFirefox-745)
2009-07-21 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2009:084)
2009-04-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: devhelp-0.19.1-10.fc9
2009-03-28 17:24:32
[SECURITY] Fedora 10 Update: gnome-web-photo-0.3-16.fc10
2009-03-28 17:23:55
[SECURITY] Fedora 9 Update: chmsee-1.0.1-10.fc9
2009-03-28 01:24:44
centos
centos
seamonkey security update
2009-03-28 14:45:12
firefox, xulrunner security update
2009-04-09 17:48:16
seamonkey security update
2009-03-30 22:53:22
oraclelinux
oraclelinux
seamonkey security update
2009-03-29 00:00:00
firefox security update
2009-03-29 00:00:00
redhat
redhat
(RHSA-2009:0397) Critical: firefox security update
2009-03-27 00:00:00
(RHSA-2009:0398) Critical: seamonkey security update
2009-03-27 00:00:00
debian
debian
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities
2009-03-29 18:03:00
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities
2009-03-29 18:03:08
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-03-28 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-04-20 12:00:48
osv
osv
xulrunner - multiple vulnerabilities
2009-03-29 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

0.918 High

EPSS

Percentile

98.7%

JSON
Related for SSV:4999
checkpoint_advisories2prion1cve1veracode1zdi1seebug1securityvulns3ubuntucve1mozilla1openvas39nessus18fedora58centos3oraclelinux2redhat2debian2ubuntu1suse1osv1gentoo1