CVE-2009-3979Out-of-bounds Write in Mozilla Firefox

9 documents6 sources
Severity
9.3CRITICALNVD
EPSS
5.1%
top 10.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedDec 17
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmozilla/firefox3.0.15+98
NVDmozilla/seamonkey2.0+35

Patches

Patch: www.mozilla.orgPatch: www.mozilla.org

🔴Vulnerability Details

2
GHSA
GHSA-734v-fvv9-cgqm: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32022-05-02
CVEList
CVE-2009-3979: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32009-12-17

📋Vendor Advisories

5
Ubuntu
Firefox 3.5 and Xulrunner 1.9.1 regression2010-01-08
Ubuntu
Firefox 3.0 and Xulrunner 1.9 regression2010-01-08
Ubuntu
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities2009-12-18
Ubuntu
Firefox 3.0 and Xulrunner 1.9 vulnerabilities2009-12-18
Red Hat
Mozilla crash with evidence of memory corruption2009-12-15

💬Community

1
Bugzilla
CVE-2009-3979 Mozilla crash with evidence of memory corruption2009-12-11
CVE-2009-3979 — Out-of-bounds Write in Mozilla Firefox | cvebase