Detections
Analytics

CVE-2009-3079

critical

Description

Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6250

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10390

https://bugzilla.mozilla.org/show_bug.cgi?id=454363

http://www.securitytracker.com/id?1022873

http://www.securityfocus.com/bid/36343

http://www.redhat.com/support/errata/RHSA-2009-1430.html

http://www.novell.com/linux/security/advisories/2009_48_firefox.html

http://www.mozilla.org/security/announce/2009/mfsa2009-51.html

http://www.debian.org/security/2009/dsa-1886

http://secunia.com/advisories/37098

http://secunia.com/advisories/36757

http://secunia.com/advisories/36671

http://secunia.com/advisories/36670

Details

Source: Mitre, NVD

Published: 2009-09-10

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical