Published: 10/09/2009 Updated: 19/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in Mozilla Firefox prior to 3.0.14, and 3.5.x prior to 3.5.3, allows remote malicious users to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 2.0.0.19
mozilla firefox 0.10
mozilla firefox 0.9.2
mozilla firefox 1.0.1
mozilla firefox 3.0
mozilla firefox 1.0.4
mozilla firefox 2.0_.10
mozilla firefox 2.0_.4
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.17
mozilla firefox 1.0
mozilla firefox 0.3
mozilla firefox 1.5.0.5
mozilla firefox 1.5.0.2
mozilla firefox 1.5.3
mozilla firefox 1.5.4
mozilla firefox 1.5.1
mozilla firefox 2.0
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.4
mozilla firefox 3.0.3
mozilla firefox 3.0.11
mozilla firefox 3.0.4
mozilla firefox 2.0.0.18
mozilla firefox
mozilla firefox 2.0.0.14
mozilla firefox 0.9.1
mozilla firefox 0.9
mozilla firefox 2.0.0.20
mozilla firefox 1.0.3
mozilla firefox 1.5
mozilla firefox 2.0.0.9
mozilla firefox 2.0_.7
mozilla firefox 2.0_.9
mozilla firefox 2.0.0.15
mozilla firefox 0.6.1
mozilla firefox 0.6
mozilla firefox 0.1
mozilla firefox 1.5.0.12
mozilla firefox 2.0.0.7
mozilla firefox 1.5.0.9
mozilla firefox 1.5.0.6
mozilla firefox 1.5.7
mozilla firefox 1.5.6
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.13
mozilla firefox 3.0.6
mozilla firefox 3.0.9
mozilla firefox 0.8
mozilla firefox 0.10.1
mozilla firefox 3.0.5
mozilla firefox 1.0.7
mozilla firefox 1.0.6
mozilla firefox 2.0_.5
mozilla firefox 2.0_.6
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.16
mozilla firefox 1.4.1
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.11
mozilla firefox 1.5.2
mozilla firefox 1.5.0.8
mozilla firefox 1.8
mozilla firefox 1.5.8
mozilla firefox 0.9_rc
mozilla firefox 2.0.0.3
mozilla firefox 2.0.0.8
mozilla firefox 3.0.12
mozilla firefox 3.0.7
mozilla firefox 3.0.8
mozilla firefox 2.0.0.12
mozilla firefox 3.0.1
mozilla firefox 0.9.3
mozilla firefox 1.0.2
mozilla firefox 1.0.5
mozilla firefox 1.0.8
mozilla firefox 2.0_.1
mozilla firefox 2.0_8
mozilla firefox 2.0.0.21
mozilla firefox 0.7
mozilla firefox 0.7.1
mozilla firefox 0.2
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.10
mozilla firefox 1.5.0.7
mozilla firefox 1.5.5
mozilla firefox 2.0.0.6
mozilla firefox 3.0.2
mozilla firefox 3.0.10
mozilla firefox 3.5.2
mozilla firefox 3.5
mozilla firefox 3.5.1

Several flaws were discovered in the Firefox browser and JavaScript engines If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program (CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075) ...

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-3079 "moz_bug_r_a4" discovered that a programming error in the FeedWriter module could lead to the execution of Javascript ...

Mozilla Foundation Security Advisory 2009-51 Chrome privilege escalation with FeedWriter Announced September 9, 2009 Reporter moz_bug_r_a4 Impact Critical Products Firefox Fixed in ...

CWE-94 https://bugzilla.mozilla.org/show_bug.cgi?id=454363 http://www.mozilla.org/security/announce/2009/mfsa2009-51.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securitytracker.com/id?1022873 http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://secunia.com/advisories/37098 http://secunia.com/advisories/36757 http://www.securityfocus.com/bid/36343 http://www.debian.org/security/2009/dsa-1886 http://secunia.com/advisories/36671 http://secunia.com/advisories/36670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390 https://usn.ubuntu.com/821-1/https://nvd.nist.gov

Get Started

CVE-2009-3079

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect