ID CVE-2009-2542
Summary Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
References
Vulnerable Configurations
  • cpe:2.3:a:netscape:navigator:6:*:*:*:*:*:*:*
    cpe:2.3:a:netscape:navigator:6:*:*:*:*:*:*:*
  • cpe:2.3:a:netscape:navigator:8:*:*:*:*:*:*:*
    cpe:2.3:a:netscape:navigator:8:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 10-10-2018 - 19:40)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bugtraq
  • 20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
  • 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
  • 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
  • 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
exploit-db 9160
misc http://www.g-sec.lu/one-bug-to-rule-them-all.html
xf netscape-integer-value-dos(52876)
Last major update 10-10-2018 - 19:40
Published 20-07-2009 - 18:30
Last modified 10-10-2018 - 19:40
Back to Top