Published: 17/12/2009 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

liboggplay in Mozilla Firefox 3.5.x prior to 3.5.6 and SeaMonkey prior to 2.0.1 might allow context-dependent malicious users to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues."

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.6
mozilla seamonkey 1.1.9
mozilla seamonkey 2.0
mozilla seamonkey 2.0a1
mozilla seamonkey 2.0a1pre
mozilla firefox 3.5.3
mozilla firefox 3.5.4
mozilla seamonkey 1.0.5
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.99
mozilla firefox 3.5.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.5
mozilla seamonkey 1.1.8
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.5.0.9
mozilla seamonkey
mozilla seamonkey 1.0.9
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.7
mozilla firefox 3.5.5
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.2
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.13
mozilla seamonkey 1.1.11
mozilla seamonkey 1.5.0.10

Debian Bug report logs - #575743 CVE-2009-3388 Package: liboggplay; Maintainer for liboggplay is Rodrigo Siqueira <siqueira@imeuspbr>; Reported by: Giuseppe Iuculano <iuculano@debianorg> Date: Sun, 28 Mar 2010 21:18:01 UTC Severity: serious Tags: patch, security Fixed in version liboggplay/021~git20091227-11 ...

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the pr ...

USN-874-1 fixed vulnerabilities in Firefox and Xulrunner The upstream changes introduced a regression when using NTLM authentication This update fixes the problem and adds additional stability fixes ...

Mozilla Foundation Security Advisory 2009-66 Memory safety fixes in liboggplay media library Announced December 15, 2009 Reporter Mozilla community and developers Impact Critical Products Firefox, SeaMonkey, Thunderbird ...

CWE-399 https://bugzilla.mozilla.org/show_bug.cgi?id=504843 http://securitytracker.com/id?1023335 http://www.securityfocus.com/bid/37369 http://www.vupen.com/english/advisories/2009/3547 http://secunia.com/advisories/37785 https://bugzilla.mozilla.org/show_bug.cgi?id=523816 http://secunia.com/advisories/37699 http://www.securityfocus.com/bid/37349 http://securitytracker.com/id?1023336 http://www.mozilla.org/security/announce/2009/mfsa2009-66.html http://www.ubuntu.com/usn/USN-874-1 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://www.novell.com/linux/security/advisories/2009_63_firefox.html https://exchange.xforce.ibmcloud.com/vulnerabilities/54804 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8009 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575743 https://nvd.nist.gov https://usn.ubuntu.com/874-1/

CVE-2009-3388

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect