CVE-2009-3380 - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 an

CVE-2009-3380

Summary

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

oval via4

accepted

2014-10-06T04:04:13.773-04:00

class

vulnerability

contributors

name Prabhu S A
organization SecPod Technologies
name Sergey Artykhov
organization ALTX-SOFT
name Sergey Artykhov
organization ALTX-SOFT
name Evgeniy Pavlov
organization ALTX-SOFT
name Evgeniy Pavlov
organization ALTX-SOFT
name Evgeniy Pavlov
organization ALTX-SOFT

definition_extensions

comment	Mozilla Firefox Mainline release is installed
oval	oval:org.mitre.oval:def:22259

description

family

windows

oval:org.mitre.oval:def:6580

status

accepted

submitted

2009-11-04T12:10:11

title

Multiple vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 to cause a denial of service

version

accepted

2013-04-29T04:19:35.282-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:9463

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

rhsa
id RHSA-2010:0153
rhsa
id RHSA-2010:0154

rpms

firefox-0:3.0.15-3.el4
firefox-0:3.0.15-3.el5_4
firefox-debuginfo-0:3.0.15-3.el4
firefox-debuginfo-0:3.0.15-3.el5_4
nspr-0:4.7.6-1.el4_8
nspr-0:4.7.6-1.el5_4
nspr-debuginfo-0:4.7.6-1.el4_8
nspr-debuginfo-0:4.7.6-1.el5_4
nspr-devel-0:4.7.6-1.el4_8
nspr-devel-0:4.7.6-1.el5_4
xulrunner-0:1.9.0.15-3.el5_4
xulrunner-debuginfo-0:1.9.0.15-3.el5_4
xulrunner-devel-0:1.9.0.15-3.el5_4
xulrunner-devel-unstable-0:1.9.0.15-3.el5_4
seamonkey-0:1.0.9-0.47.el3
seamonkey-0:1.0.9-50.el4_8
seamonkey-chat-0:1.0.9-0.47.el3
seamonkey-chat-0:1.0.9-50.el4_8
seamonkey-debuginfo-0:1.0.9-0.47.el3
seamonkey-debuginfo-0:1.0.9-50.el4_8
seamonkey-devel-0:1.0.9-0.47.el3
seamonkey-devel-0:1.0.9-50.el4_8
seamonkey-dom-inspector-0:1.0.9-0.47.el3
seamonkey-dom-inspector-0:1.0.9-50.el4_8
seamonkey-js-debugger-0:1.0.9-0.47.el3
seamonkey-js-debugger-0:1.0.9-50.el4_8
seamonkey-mail-0:1.0.9-0.47.el3
seamonkey-mail-0:1.0.9-50.el4_8
seamonkey-nspr-0:1.0.9-0.47.el3
seamonkey-nspr-devel-0:1.0.9-0.47.el3
seamonkey-nss-0:1.0.9-0.47.el3
seamonkey-nss-devel-0:1.0.9-0.47.el3
thunderbird-0:2.0.0.24-2.el5_4
thunderbird-debuginfo-0:2.0.0.24-2.el5_4
thunderbird-0:1.5.0.12-25.el4
thunderbird-debuginfo-0:1.5.0.12-25.el4

refmap via4

Last major update

19-09-2017 - 01:29

Published

29-10-2009 - 14:30

Last modified

19-09-2017 - 01:29