Arbitrary Code Execution

2020-04-1001:01:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

firefox is vulnerable to arbitrary code execution. A dangling pointer flaw was found in the way Firefox handled a certain Document Object Model (DOM) element. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

CPENameOperatorVersion
firefoxeq3.6.9__2.el6
firefoxeq3.0.1__1.el5
firefoxeq1.5.0.9__0.1.el4
firefoxeq1.5.0.5__0.el4.1
firefoxeq1.5.0.8__0.1.el4
firefoxeq3.0.5__1.el5_2
firefoxeq1.5.0.12__0.7.el4
firefoxeq3.0.1__1.el4
firefoxeq1.5.0.12__9.el5
firefoxeq3.0.18__1.el4

Name	Operator	Version
firefox	eq	3.6.9__2.el6
firefox	eq	3.0.1__1.el5
firefox	eq	1.5.0.9__0.1.el4
firefox	eq	1.5.0.5__0.el4.1
firefox	eq	1.5.0.8__0.1.el4
firefox	eq	3.0.5__1.el5_2
firefox	eq	1.5.0.12__0.7.el4
firefox	eq	3.0.1__1.el4
firefox	eq	1.5.0.12__9.el5
firefox	eq	3.0.18__1.el4