CVE-2009-3073 - Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remo

CVE-2009-3073

Summary

Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

oval via4

accepted

2014-03-17T04:00:27.881-04:00

class

vulnerability

contributors

name Chandan S
organization SecPod Technologies
name Sergey Artykhov
organization ALTX-SOFT
name Sergey Artykhov
organization ALTX-SOFT
name Maria Mikhno
organization ALTX-SOFT

definition_extensions

comment	Mozilla Firefox Mainline release is installed
oval	oval:org.mitre.oval:def:22259

description

family

windows

oval:org.mitre.oval:def:6398

status

accepted

submitted

2009-09-23T12:10:11

title

Mozilla Firefox 3.5.x before 3.5.3 JavaScript engine allow denial of service Vulnerability

version

refmap via4

bid	36343
confirm	http://www.mozilla.org/security/announce/2009/mfsa2009-47.html https://bugzilla.mozilla.org/show_bug.cgi?id=507292
secunia	36671 37098
suse	SUSE-SA:2009:048

saint via4

bid	36343
description	Mozilla Firefox PKCS11 Module Installation Code Execution
id	web_client_firefox
osvdb	57977
title	firefox_pkcs11
type	client

Last major update

19-09-2017 - 01:29

Published

10-09-2009 - 21:30

Last modified

19-09-2017 - 01:29