Lucene search

K
ubuntucveUbuntu.comUB:CVE-2009-1313
HistoryApr 30, 2009 - 12:00 a.m.

CVE-2009-1313

2009-04-3000:00:00
ubuntu.com
ubuntu.com
16

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.932

Percentile

99.1%

The nsTextFrame::ClearTextRun function in
layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote
attackers to cause a denial of service (memory corruption) and probably
execute arbitrary code via unspecified vectors. NOTE: this vulnerability
reportedly exists because of an incorrect fix for CVE-2009-1302.

Notes

Author Note
jdstrand introduced in 3.0.9
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchfirefox-3.0<Β 3.0.10+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchfirefox-3.0<Β 3.0.10+nobinonly-0ubuntu0.8.10.1UNKNOWN
ubuntu9.04noarchfirefox-3.0<Β 3.0.10+nobinonly-0ubuntu0.9.04.1UNKNOWN

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.932

Percentile

99.1%