CVE-2009-3072Out-of-bounds Write in Mozilla Firefox

6 documents5 sources
Severity
10.0CRITICALNVD
EPSS
4.7%
top 10.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedSep 10
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmozilla/firefox3.0.13+95

🔴Vulnerability Details

1
GHSA
GHSA-8cxh-33q5-hvj6: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32022-05-02

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2010-03-18
Ubuntu
Firefox and Xulrunner vulnerabilities2009-09-10
Red Hat
Firefox 3.5.3 3.0.14 browser engine crashes2009-09-09

💬Community

1
Bugzilla
CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes2009-09-07