CVE-2009-0821
published 2009-03-05CVE-2009-0821: Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as…
PriorityP422medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
5.29%
91.6th percentile
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.
Affected
138 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome | <= 0.2.149.29 | — | |
| chrome | — | — | |
| microsoft | internet_explorer | 7.0 – 7.0.6000.16711 | — |
| mozilla | firefox | <= 2.0.0.20 | — |
| mozilla | firefox | <= 3.0.1 | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
Firefox: DoS (hang) via "printing DoS attack"
vendor_redhat·2008-09-19·CVSS 5.0
CVE-2008-7244 [MEDIUM] Firefox: DoS (hang) via "printing DoS attack"
Firefox: DoS (hang) via "printing DoS attack"
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
GHSA
GHSA-xxww-hv47-2ppx: Google Chrome 0
ghsa_unreviewed·2022-05-14·CVSS 5.0
CVE-2008-7246 [MEDIUM] GHSA-xxww-hv47-2ppx: Google Chrome 0
Google Chrome 0.2.149.29 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
GHSA
GHSA-526x-4gfg-f5vp: Opera 9
ghsa_unreviewed·2022-05-14·CVSS 5.0
CVE-2008-7245 [MEDIUM] GHSA-526x-4gfg-f5vp: Opera 9
Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
GHSA
GHSA-jfpp-cqw2-38m3: Mozilla Firefox 3
ghsa_unreviewed·2022-05-14·CVSS 5.0
CVE-2008-7244 [MEDIUM] GHSA-jfpp-cqw2-38m3: Mozilla Firefox 3
Mozilla Firefox 3.0.1 and earlier allows remote attackers to cause a denial of service (browser hang) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
GHSA
GHSA-v973-q8fj-656q: Mozilla Firefox 2
ghsa_unreviewed·2022-05-02
CVE-2009-0821 [MEDIUM] GHSA-v973-q8fj-656q: Mozilla Firefox 2
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.
GHSA
GHSA-73pf-mvfq-rghp: Microsoft Internet Explorer 7 through 7
ghsa_unreviewed·2022-05-02·CVSS 5.0
CVE-2009-3270 [MEDIUM] CWE-400 GHSA-73pf-mvfq-rghp: Microsoft Internet Explorer 7 through 7
Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
No detection rules found.
2009-03-05
Published