CVE-2009-3980Out-of-bounds Write in Mozilla Seamonkey

CWE-3995 documents4 sources
Severity
9.3CRITICALNVD
EPSS
4.4%
top 10.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla SeamonkeyMozilla Firefox
Timeline
PublishedDec 17
Latest updateMay 2

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDmozilla/seamonkey2.0+35
NVDmozilla/firefox5 versions+4

Patches

Patch: www.mozilla.orgPatch: www.vupen.comPatch: www.mozilla.org

🔴Vulnerability Details

2
GHSA
GHSA-rwx9-3ffq-6xrc: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 32022-05-02
CVEList
CVE-2009-3980: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 32009-12-17

📋Vendor Advisories

2
Ubuntu
Firefox 3.5 and Xulrunner 1.9.1 regression2010-01-08
Ubuntu
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities2009-12-18
CVE-2009-3980 — Out-of-bounds Write in Mozilla | cvebase