CVE-2009-3075

high

Description

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5717

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11365

https://exchange.xforce.ibmcloud.com/vulnerabilities/53158

https://bugzilla.mozilla.org/show_bug.cgi?id=505305

https://bugzilla.mozilla.org/show_bug.cgi?id=441714

http://www.vupen.com/english/advisories/2010/0650

http://www.vupen.com/english/advisories/2010/0648

http://www.ubuntu.com/usn/USN-915-1

http://www.securityfocus.com/bid/36343

http://www.redhat.com/support/errata/RHSA-2010-0154.html

http://www.redhat.com/support/errata/RHSA-2010-0153.html

http://www.redhat.com/support/errata/RHSA-2009-1432.html

http://www.redhat.com/support/errata/RHSA-2009-1431.html

http://www.redhat.com/support/errata/RHSA-2009-1430.html

http://www.novell.com/linux/security/advisories/2009_48_firefox.html

http://www.mozilla.org/security/announce/2010/mfsa2010-07.html

http://www.mozilla.org/security/announce/2009/mfsa2009-47.html

http://www.debian.org/security/2009/dsa-1885

http://secunia.com/advisories/39001

http://secunia.com/advisories/38977

http://secunia.com/advisories/37098

http://secunia.com/advisories/36692

http://secunia.com/advisories/36671

http://secunia.com/advisories/36670

http://secunia.com/advisories/36669

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

Details

Source: Mitre, NVD

Published: 2009-09-10

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High