cbcvebase.
CVE-2009-1828
published 2009-05-29

CVE-2009-1828: Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in…

PriorityP426medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
8.78%
94.5th percentile
Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or (2) a JavaScript onLoad event handler for a BODY element. NOTE: it was later reported that earlier versions are also affected.

Affected

90 ranges· showing 25
VendorProductVersion rangeFixed in
googlechrome<= 1.0.154.48
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
googlechrome
microsoftinternet_explorer6.0 – 6.00.2900.2180
microsoftinternet_explorer7.0 – 7.0.6000.16711
mozillafirefox
operaopera_browser<= 9.52
operaopera_browser
operaopera_browser
operaopera_browser
operaopera_browser
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.