Published: 17/12/2009 Updated: 19/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x prior to 3.5.6, SeaMonkey prior to 2.0.1, and Thunderbird allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox 3.5.3
mozilla firefox 3.5.4
mozilla firefox 3.5.5
mozilla seamonkey 1.0.4
mozilla seamonkey 1.0.3
mozilla seamonkey 1.0.99
mozilla seamonkey 1.0.9
mozilla seamonkey 1.0.8
mozilla seamonkey 1.0.7
mozilla seamonkey 1.0.2
mozilla seamonkey 1.0
mozilla seamonkey 1.1.14
mozilla seamonkey 1.1.12
mozilla seamonkey 1.1.11
mozilla seamonkey 1.1.6
mozilla seamonkey 2.0
mozilla seamonkey 1.5.0.10
mozilla seamonkey 1.0.6
mozilla seamonkey 1.0.1
mozilla seamonkey 1.1
mozilla seamonkey 1.1.15
mozilla seamonkey 1.1.4
mozilla seamonkey 1.1.9
mozilla seamonkey 1.1.5
mozilla seamonkey 2.0a1
mozilla seamonkey 2.0a1pre
mozilla seamonkey
mozilla seamonkey 1.1.2
mozilla seamonkey 1.1.13
mozilla seamonkey 1.1.7
mozilla firefox 3.5.1
mozilla firefox 3.5.2
mozilla seamonkey 1.0.5
mozilla seamonkey 1.1.1
mozilla seamonkey 1.1.10
mozilla seamonkey 1.1.16
mozilla seamonkey 1.1.3
mozilla seamonkey 1.1.17
mozilla seamonkey 1.1.8
mozilla seamonkey 1.5.0.8
mozilla seamonkey 1.5.0.9
mozilla thunderbird

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the pr ...

USN-874-1 fixed vulnerabilities in Firefox and Xulrunner The upstream changes introduced a regression when using NTLM authentication This update fixes the problem and adds additional stability fixes ...

Mozilla Foundation Security Advisory 2009-65 Crashes with evidence of memory corruption (rv:1916/ 19016) Announced December 15, 2009 Reporter Mozilla developers and community Impact Critical Products Firefox, SeaMonkey, ...

NVD-CWE-noinfo http://www.mozilla.org/security/announce/2009/mfsa2009-65.html http://securitytracker.com/id?1023334 https://bugzilla.mozilla.org/show_bug.cgi?id=524121 http://www.securityfocus.com/bid/37364 http://secunia.com/advisories/37785 http://www.vupen.com/english/advisories/2009/3558 http://www.securityfocus.com/bid/37349 http://securitytracker.com/id?1023333 https://bugzilla.mozilla.org/show_bug.cgi?id=513981 http://secunia.com/advisories/37699 http://www.vupen.com/english/advisories/2009/3547 http://secunia.com/advisories/37783 https://bugzilla.mozilla.org/show_bug.cgi?id=514999 https://bugzilla.mozilla.org/show_bug.cgi?id=510518 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html http://www.ubuntu.com/usn/USN-874-1 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html http://secunia.com/advisories/37856 http://secunia.com/advisories/37881 http://www.novell.com/linux/security/advisories/2009_63_firefox.html https://exchange.xforce.ibmcloud.com/vulnerabilities/54802 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8434 https://usn.ubuntu.com/874-1/https://nvd.nist.gov

CVE-2009-3982

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect