5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.15 Low
EPSS
Percentile
95.7%
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine
in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial
of service (assertion failure and application exit) or possibly execute
arbitrary code via a crafted .js file, related to a “memory safety bug.”
NOTE: this was originally reported as affecting versions before 3.0.13.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 9.04 | noarch | xulrunner-1.9.1 | < 1.9.1.3+build1+nobinonly-0ubuntu0.9.04.2 | UNKNOWN |