CVE-2009-0352 — Out-of-bounds Write in Mozilla Seamonkey

CWE-3997 documents6 sources

Severity

10.0CRITICALNVD

EPSS

8.5%

top 7.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Seamonkey Mozilla Thunderbird Mozilla Firefox

Timeline

PublishedFeb 4

Latest updateMay 2

Description

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDmozilla/seamonkey1.1.13+22

▶NVDmozilla/thunderbird2.0.0.19+36

▶NVDmozilla/firefox6 versions+5

🔴Vulnerability Details

GHSA

GHSA-f6h6-jfpf-wgvv: Multiple unspecified vulnerabilities in Mozilla Firefox 3↗2022-05-02

▶

CVEList

CVE-2009-0352: Multiple unspecified vulnerabilities in Mozilla Firefox 3↗2009-02-04

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2009-03-19

▶

Ubuntu

Firefox and Xulrunner vulnerabilities↗2009-02-10

▶

Red Hat

Firefox layout crashes with evidence of memory corruption↗2009-02-03

▶

💬Community

Bugzilla

CVE-2009-0352 Firefox layout crashes with evidence of memory corruption↗2009-01-29

▶