CVE-2009-1838 — Code Injection in Mozilla Firefox

CWE-94 — Code Injection9 documents7 sources

Severity

9.3CRITICALNVD

EPSS

4.6%

top 10.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Seamonkey Mozilla Thunderbird

Timeline

PublishedJun 12

Latest updateMay 2

Description

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDmozilla/firefox3.0.10+90

▶NVDmozilla/seamonkey1.1.16+21

▶NVDmozilla/thunderbird2.0.0.19+66

Patches

Patch: www.securityfocus.com ↗Patch: www.vupen.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-p6f8-2h8r-5246: The garbage-collection implementation in Mozilla Firefox before 3↗2022-05-02

▶

Kernel

namei: allow restricted O_CREAT of FIFOs and regular files↗2018-08-23

▶

CVEList

CVE-2009-1838: The garbage-collection implementation in Mozilla Firefox before 3↗2009-06-12

▶

📋Vendor Advisories

Ubuntu

Thunderbird vulnerabilities↗2009-06-25

▶

Ubuntu

Firefox and Xulrunner vulnerabilities↗2009-06-12

▶

Red Hat

Firefox arbitrary code execution flaw↗2009-06-11

▶

💬Community

Bugzilla

CVE-2009-1838 Firefox arbitrary code execution flaw↗2009-06-01

▶