CVE-2009-3075Out-of-bounds Write in Mozilla Firefox

6 documents5 sources
Severity
10.0CRITICALNVD
EPSS
6.4%
top 8.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedSep 10
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmozilla/firefox3.0.13+94

🔴Vulnerability Details

1
GHSA
GHSA-5p9h-x8mc-2cx4: Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 32022-05-02

📋Vendor Advisories

3
Ubuntu
Thunderbird vulnerabilities2010-03-18
Ubuntu
Firefox and Xulrunner vulnerabilities2009-09-10
Red Hat
Firefox 3.5.2 3.0.14 JavaScript engine crashes2009-09-09

💬Community

1
Bugzilla
CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes2009-09-07