CVE-2009-3380

EUVD-2009-3362
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
3.0.1
mozillafirefox
3.0.2
mozillafirefox
3.0.3
mozillafirefox
3.0.4
mozillafirefox
3.0.5
mozillafirefox
3.0.6
mozillafirefox
3.0.7
mozillafirefox
3.0.8
mozillafirefox
3.0.9
mozillafirefox
3.0.10
mozillafirefox
3.0.11
mozillafirefox
3.0.12
mozillafirefox
3.0.13
mozillafirefox
3.0.14
mozillafirefox
3.5.1
mozillafirefox
3.5.2
mozillafirefox
3.5.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox-3.0
dapper
dne
hardy
Fixed 3.0.15+nobinonly-0ubuntu0.8.04.1
released
intrepid
Fixed 3.0.15+nobinonly-0ubuntu0.8.10.1
released
jaunty
Fixed 3.0.15+nobinonly-0ubuntu0.9.04.1
released
karmic
dne
firefox-3.5
dapper
dne
hardy
dne
intrepid
dne
jaunty
Fixed 3.5.4+nobinonly-0ubuntu0.9.04.1
released
karmic
Fixed 3.5.4+nobinonly-0ubuntu0.9.10.1
released
xulrunner-1.9
dapper
dne
hardy
Fixed 1.9.0.15+nobinonly-0ubuntu0.8.04.1
released
intrepid
Fixed 1.9.0.15+nobinonly-0ubuntu0.8.10.1
released
jaunty
Fixed 1.9.0.15+nobinonly-0ubuntu0.9.04.1
released
karmic
dne
xulrunner-1.9.1
dapper
dne
hardy
dne
intrepid
dne
jaunty
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.04.3
released
karmic
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.10.1
released
References
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mozilla.org/security/announce/2009/mfsa2009-64.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0650
https://bugzilla.mozilla.org/show_bug.cgi?id=454872
https://bugzilla.mozilla.org/show_bug.cgi?id=489925
https://bugzilla.mozilla.org/show_bug.cgi?id=497013
https://bugzilla.mozilla.org/show_bug.cgi?id=508927
https://bugzilla.mozilla.org/show_bug.cgi?id=509244
https://bugzilla.mozilla.org/show_bug.cgi?id=509602
https://bugzilla.mozilla.org/show_bug.cgi?id=514776
https://bugzilla.mozilla.org/show_bug.cgi?id=522030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6580
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9463
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mozilla.org/security/announce/2009/mfsa2009-64.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.vupen.com/english/advisories/2009/3334
http://www.vupen.com/english/advisories/2010/0650
https://bugzilla.mozilla.org/show_bug.cgi?id=454872
https://bugzilla.mozilla.org/show_bug.cgi?id=489925
https://bugzilla.mozilla.org/show_bug.cgi?id=497013
https://bugzilla.mozilla.org/show_bug.cgi?id=508927
https://bugzilla.mozilla.org/show_bug.cgi?id=509244
https://bugzilla.mozilla.org/show_bug.cgi?id=509602
https://bugzilla.mozilla.org/show_bug.cgi?id=514776
https://bugzilla.mozilla.org/show_bug.cgi?id=522030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6580
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9463