CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
mozillafirefox
𝑥
≤ 3.0.6
mozillafirefox
1.0
mozillafirefox
1.0.1
mozillafirefox
1.0.2
mozillafirefox
1.0.3
mozillafirefox
1.0.4
mozillafirefox
1.0.5
mozillafirefox
1.0.6
mozillafirefox
1.0.7
mozillafirefox
1.0.8
mozillafirefox
1.5
mozillafirefox
1.5.0.1
mozillafirefox
1.5.0.2
mozillafirefox
1.5.0.3
mozillafirefox
1.5.0.4
mozillafirefox
1.5.0.5
mozillafirefox
1.5.0.6
mozillafirefox
1.5.0.7
mozillafirefox
1.5.0.8
mozillafirefox
1.5.0.9
mozillafirefox
1.5.0.10
mozillafirefox
1.5.0.11
mozillafirefox
1.5.0.12
mozillafirefox
2.0
mozillafirefox
2.0.0.1
mozillafirefox
2.0.0.2
mozillafirefox
2.0.0.3
mozillafirefox
2.0.0.4
mozillafirefox
2.0.0.5
mozillafirefox
2.0.0.6
mozillafirefox
2.0.0.7
mozillafirefox
2.0.0.8
mozillafirefox
2.0.0.9
mozillafirefox
2.0.0.10
mozillafirefox
2.0.0.11
mozillafirefox
2.0.0.12
mozillafirefox
2.0.0.13
mozillafirefox
2.0.0.14
mozillafirefox
2.0.0.15
mozillafirefox
2.0.0.16
mozillafirefox
2.0.0.17
mozillafirefox
2.0.0.18
mozillafirefox
2.0.0.19
mozillafirefox
2.0.0.20
mozillafirefox
3.0
mozillafirefox
3.0.1
mozillafirefox
3.0.2
mozillafirefox
3.0.3
mozillafirefox
3.0.4
mozillafirefox
3.0.5
mozillaseamonkey
𝑥
≤ 1.1.14
mozillaseamonkey
1.0
mozillaseamonkey
1.0.1
mozillaseamonkey
1.0.2
mozillaseamonkey
1.0.3
mozillaseamonkey
1.0.5
mozillaseamonkey
1.0.6
mozillaseamonkey
1.0.7
mozillaseamonkey
1.0.8
mozillaseamonkey
1.0.9
mozillaseamonkey
1.1
mozillaseamonkey
1.1:alpha
mozillaseamonkey
1.1:beta
mozillaseamonkey
1.1.1
mozillaseamonkey
1.1.2
mozillaseamonkey
1.1.3
mozillaseamonkey
1.1.4
mozillaseamonkey
1.1.5
mozillaseamonkey
1.1.6
mozillaseamonkey
1.1.7
mozillaseamonkey
1.1.8
mozillaseamonkey
1.1.9
mozillaseamonkey
1.1.10
mozillaseamonkey
1.1.11
mozillaseamonkey
1.1.12
mozillaseamonkey
1.1.13
mozillathunderbird
𝑥
≤ 2.0.0.20
mozillathunderbird
2.0.0.0
mozillathunderbird
2.0.0.4
mozillathunderbird
2.0.0.5
mozillathunderbird
2.0.0.6
mozillathunderbird
2.0.0.9
mozillathunderbird
2.0.0.12
mozillathunderbird
2.0.0.14
mozillathunderbird
2.0.0.16
mozillathunderbird
2.0.0.17
mozillathunderbird
2.0.0.18
mozillathunderbird
2.0.0.19
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
not-affected
karmic
dne
jaunty
dne
intrepid
dne
hardy
not-affected
gutsy
not-affected
dapper
not-affected
firefox-3.0
lucid
dne
karmic
dne
jaunty
Fixed 3.0.7+nobinonly-0ubuntu1
released
intrepid
Fixed 3.0.7+nobinonly-0ubuntu0.8.10.1
released
hardy
Fixed 3.0.7+nobinonly-0ubuntu0.8.04.1
released
gutsy
ignored
dapper
dne
firefox-3.5
lucid
dne
karmic
Fixed 3.5~rc2+nobinonly-0ubuntu1
released
jaunty
Fixed 3.5+nobinonly-0ubuntu0.9.04.1
released
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
iceape
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
ignored
dapper
dne
icedove
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
iceweasel
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
mozilla-thunderbird
lucid
dne
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
not-affected
seamonkey
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
dne
dapper
dne
thunderbird
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
ignored
dapper
dne
xulrunner
lucid
dne
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
not-affected
dapper
dne
xulrunner-1.9
lucid
dne
karmic
dne
jaunty
Fixed 1.9.0.7+nobinonly-0ubuntu1
released
intrepid
Fixed 1.9.0.7+nobinonly-0ubuntu0.8.10.1
released
hardy
Fixed 1.9.0.7+nobinonly-0ubuntu0.8.04.1
released
gutsy
ignored
dapper
dne
xulrunner-1.9.1
lucid
dne
karmic
Fixed 1.9.1~rc2+nobinonly-0ubuntu1
released
jaunty
Fixed 1.9.1+nobinonly-0ubuntu0.9.04.1
released
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
Common Weakness Enumeration
References