CVE-2009-2953

Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
mozillafirefox
3.0.6
mozillafirefox
3.0.7
mozillafirefox
3.0.8
mozillafirefox
3.0.9
mozillafirefox
3.0.10
mozillafirefox
3.0.11
mozillafirefox
3.0.12
mozillafirefox
3.0.13
mozillafirefox
3.5
mozillafirefox
3.5.1
mozillafirefox
3.5.2
mozillafirefox
3.5.3
mozillafirefox
3.5.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
karmic
dne
jaunty
dne
intrepid
dne
hardy
not-affected
dapper
not-affected
xulrunner-1.9
karmic
dne
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
dne
xulrunner-1.9.1
karmic
ignored
jaunty
ignored
intrepid
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://websecurity.com.ua/3424/
http://www.securityfocus.com/archive/1/506006/100/0/threaded
http://websecurity.com.ua/3424/
http://www.securityfocus.com/archive/1/506006/100/0/threaded