CVE-2009-2044
published 2009-06-12CVE-2009-2044: Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
5.89%
92.3th percentile
Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cairographics | cairo | >= 0 < 1.8.8-2 | 1.8.8-2 |
| cairographics | cairo | >= 0 < 1.8.8-2 | 1.8.8-2 |
| cairographics | cairo | >= 0 < 1.8.8-2 | 1.8.8-2 |
| cairographics | cairo | >= 0 < 1.8.8-2 | 1.8.8-2 |
| debian | cairo | < cairo 1.8.8-2 (bookworm) | cairo 1.8.8-2 (bookworm) |
| mozilla | firefox | <= 3.0.10 | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-64cp-h6cw-59mg: Mozilla Firefox 3
ghsa_unreviewed·2022-05-02
CVE-2009-2044 [MEDIUM] CWE-20 GHSA-64cp-h6cw-59mg: Mozilla Firefox 3
Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
OSV
CVE-2009-2044: Mozilla Firefox 3
osv·2009-06-12·CVSS 4.3
CVE-2009-2044 [MEDIUM] CVE-2009-2044: Mozilla Firefox 3
Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
Debian
CVE-2009-2044: cairo - Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a d...
vendor_debian·2009·CVSS 4.3
CVE-2009-2044 [MEDIUM] CVE-2009-2044: cairo - Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a d...
Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
Scope: local
bookworm: resolved (fixed in 1.8.8-2)
bullseye: resolved (fixed in 1.8.8-2)
forky: resolved (fixed in 1.8.8-2)
sid: resolved (fixed in 1.8.8-2)
trixie: resolved (fixed in 1.8.8-2)
No detection rules found.
No writeups or analysis indexed.
http://e-rdc.org/v1/news.php?readmore=137http://www.securityfocus.com/archive/1/504214http://www.securityfocus.com/bid/35280https://bugzilla.mozilla.org/show_bug.cgi?id=496265https://exchange.xforce.ibmcloud.com/vulnerabilities/51037http://e-rdc.org/v1/news.php?readmore=137http://www.securityfocus.com/archive/1/504214http://www.securityfocus.com/bid/35280https://bugzilla.mozilla.org/show_bug.cgi?id=496265https://exchange.xforce.ibmcloud.com/vulnerabilities/51037
2009-06-12
Published