CVE-2009-2542 - Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a lar

CVE-2009-2542

Summary

Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

References

Vulnerable Configurations

cpe:2.3:a:netscape:navigator:6:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:6:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:8:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:8:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 10-10-2018 - 19:40)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

refmap via4

bugtraq	20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
exploit-db	9160
misc	http://www.g-sec.lu/one-bug-to-rule-them-all.html
xf	netscape-integer-value-dos(52876)

Last major update

10-10-2018 - 19:40

Published

20-07-2009 - 18:30

Last modified

10-10-2018 - 19:40