Published: 15/07/2009 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 950

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 prior to 3.5.1 allows remote malicious users to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 3.5

Mozilla Foundation Security Advisory 2009-41 Corrupt JIT state after deep return from native function Announced July 16, 2009 Reporter zbyte Impact Critical Products Firefox Fixed in ...

<html> <head> <div id="content"> n0m3rcYn0M3rCyn0m3Rc&lt ...

################################################## # FireFox 35 Heap Spray # Discovered by: Simon Berry-Bryne # Coded in Perl by netsoul, ALTO PARANA - Paraguay # Contact: netsoul2 [at] gmail [dot] com ################################################## #!/usr/bin/perl -w use strict; use POE::Component::Server::HTTP; POE::Component::Server::HTTP-& ...

<html> <head> <title>Firefox 35 Vulnerability</title> Firefox 35 Heap Spray Vulnerabilty Author: SBerry aka Simon Berry-Byrne Thanks to HD Moore for the insight and Metasploit for the payload <div id="content"> <p& ...

## # $Id: firefox_escape_retvalrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

CWE-94 http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/http://www.vupen.com/english/advisories/2009/1868 http://isc.sans.org/diary.html?storyid=6796 http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761 http://secunia.com/advisories/35798 https://bugzilla.mozilla.org/show_bug.cgi?id=503286 http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html http://www.securityfocus.com/bid/35660 http://www.kb.cert.org/vuls/id/443060 http://www.mozilla.org/security/announce/2009/mfsa2009-41.html https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1 https://www.exploit-db.com/exploits/40936/http://www.exploit-db.com/exploits/9181 http://www.exploit-db.com/exploits/9137 https://nvd.nist.gov https://www.mozilla.org/en-US/security/advisories/mfsa2009-41/https://www.exploit-db.com/exploits/40936/

CVE-2009-2477

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect