Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-2477: Code Injection in Mozilla Firefox

CWE-94: Code Injection (10 documents, 7 sources)
Severity: 9.3 CRITICAL (NVD)
EPSS: 83.3% (top 0.73%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Jul 15; latest update May 2

Description

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (1 package)

Patches

🔴 Vulnerability Details (2)

GHSA: GHSA-p5fj-7pgr-xv7v: js/src/jstracer (2022-05-02)
VulnCheck: Mozilla Firefox Improper Control of Generation of Code ('Code Injection') (2009)

💥 Exploits & PoCs (5)

Exploit-DB: Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command Execution (2016-12-18)
Exploit-DB: Mozilla Firefox 3.5 - 'escape()' Return Value Memory Corruption (Metasploit) (2010-09-20)
Exploit-DB: Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (2) (2009-07-20)
Exploit-DB: Mozilla Firefox 3.5 - Font tags Remote Buffer Overflow (2009-07-13)
Metasploit: Firefox 3.5 escape() Return Value Memory Corruption

📋 Vendor Advisories (1)

Red Hat: firefox 3.5 various flaws (2009-07-14)

💬 Community (1)

Bugzilla: CVE-2009-2477 CVE-2009-2478 CVE-2009-2479 firefox 3.5 various flaws (2009-07-14)