Published: 08/01/2009 Updated: 29/09/2017

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Mozilla Firefox 3.0.5 and previous versions 3.0.x versions, when designMode is enabled, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 3.0.4
mozilla firefox 3.0.3
mozilla firefox 3.0
mozilla firefox 3.0.2
mozilla firefox 3.0.1
mozilla firefox 3.0.5

<BODY onload=" documentdesignMode='on';//string documentremoveChild(documentfirstChild);//object documentqueryCommandState('BackColor'); "> # milw0rmcom [2009-02-23] ...

CWE-399 https://bugzilla.mozilla.org/show_bug.cgi?id=456727 http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0220.html http://www.securityfocus.com/bid/33154 http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0224.html https://bugzilla.mozilla.org/show_bug.cgi?id=472507 http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0223.html https://bugzilla.mozilla.org/show_bug.cgi?id=448329 https://www.exploit-db.com/exploits/8219 https://www.exploit-db.com/exploits/8091 https://nvd.nist.gov https://www.exploit-db.com/exploits/8091/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-0071

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect