Lucene search

RedhatCVE-2009-0775

HistoryMar 05, 2009 - 2:30 a.m.

CVE-2009-0775

2009-03-0502:30:00

CWE-399

redhat

web.nvd.nist.gov

cve-2009-0775

mozilla firefox

thunderbird

seamonkey

vulnerability

remote code execution

dom elements

garbage collection

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.7

Confidence

High

EPSS

0.175

Percentile

96.2%

JSON

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via “cloned XUL DOM elements which were linked as a parent and child,” which are not properly handled during garbage collection.

Affected configurations

Nvd

Node

mozillafirefoxRange≤3.0.6

mozillafirefoxMatch1.0

mozillafirefoxMatch1.0.1

mozillafirefoxMatch1.0.2

mozillafirefoxMatch1.0.3

mozillafirefoxMatch1.0.4

mozillafirefoxMatch1.0.5

mozillafirefoxMatch1.0.6

mozillafirefoxMatch1.0.7

mozillafirefoxMatch1.0.8

mozillafirefoxMatch1.5

mozillafirefoxMatch1.5.0.1

mozillafirefoxMatch1.5.0.2

mozillafirefoxMatch1.5.0.3

mozillafirefoxMatch1.5.0.4

mozillafirefoxMatch1.5.0.5

mozillafirefoxMatch1.5.0.6

mozillafirefoxMatch1.5.0.7

mozillafirefoxMatch1.5.0.8

mozillafirefoxMatch1.5.0.9

mozillafirefoxMatch1.5.0.10

mozillafirefoxMatch1.5.0.11

mozillafirefoxMatch1.5.0.12

mozillafirefoxMatch2.0

mozillafirefoxMatch2.0.0.1

mozillafirefoxMatch2.0.0.2

mozillafirefoxMatch2.0.0.3

mozillafirefoxMatch2.0.0.4

mozillafirefoxMatch2.0.0.5

mozillafirefoxMatch2.0.0.6

mozillafirefoxMatch2.0.0.7

mozillafirefoxMatch2.0.0.8

mozillafirefoxMatch2.0.0.9

mozillafirefoxMatch2.0.0.10

mozillafirefoxMatch2.0.0.11

mozillafirefoxMatch2.0.0.12

mozillafirefoxMatch2.0.0.13

mozillafirefoxMatch2.0.0.14

mozillafirefoxMatch2.0.0.15

mozillafirefoxMatch2.0.0.16

mozillafirefoxMatch2.0.0.17

mozillafirefoxMatch2.0.0.18

mozillafirefoxMatch2.0.0.19

mozillafirefoxMatch2.0.0.20

mozillafirefoxMatch3.0

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillaseamonkeyRange≤1.1.14

mozillaseamonkeyMatch1.0

mozillaseamonkeyMatch1.0.1

mozillaseamonkeyMatch1.0.2

mozillaseamonkeyMatch1.0.3

mozillaseamonkeyMatch1.0.5

mozillaseamonkeyMatch1.0.6

mozillaseamonkeyMatch1.0.7

mozillaseamonkeyMatch1.0.8

mozillaseamonkeyMatch1.0.9

mozillaseamonkeyMatch1.1

mozillaseamonkeyMatch1.1alpha

mozillaseamonkeyMatch1.1beta

mozillaseamonkeyMatch1.1.1

mozillaseamonkeyMatch1.1.2

mozillaseamonkeyMatch1.1.3

mozillaseamonkeyMatch1.1.4

mozillaseamonkeyMatch1.1.5

mozillaseamonkeyMatch1.1.6

mozillaseamonkeyMatch1.1.7

mozillaseamonkeyMatch1.1.8

mozillaseamonkeyMatch1.1.9

mozillaseamonkeyMatch1.1.10

mozillaseamonkeyMatch1.1.11

mozillaseamonkeyMatch1.1.12

mozillaseamonkeyMatch1.1.13

mozillathunderbirdRange≤2.0.0.20

mozillathunderbirdMatch2.0.0.0

mozillathunderbirdMatch2.0.0.4

mozillathunderbirdMatch2.0.0.5

mozillathunderbirdMatch2.0.0.6

mozillathunderbirdMatch2.0.0.9

mozillathunderbirdMatch2.0.0.12

mozillathunderbirdMatch2.0.0.14

mozillathunderbirdMatch2.0.0.16

mozillathunderbirdMatch2.0.0.17

mozillathunderbirdMatch2.0.0.18

mozillathunderbirdMatch2.0.0.19

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillafirefox1.0cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
mozillafirefox1.0.1cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
mozillafirefox1.0.2cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
mozillafirefox1.0.3cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
mozillafirefox1.0.4cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
mozillafirefox1.0.5cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
mozillafirefox1.0.6cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
mozillafirefox1.0.7cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
mozillafirefox1.0.8cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	firefox	1.0	cpe:2.3:a:mozilla:firefox:1.0:::::::*
mozilla	firefox	1.0.1	cpe:2.3:a:mozilla:firefox:1.0.1:::::::*
mozilla	firefox	1.0.2	cpe:2.3:a:mozilla:firefox:1.0.2:::::::*
mozilla	firefox	1.0.3	cpe:2.3:a:mozilla:firefox:1.0.3:::::::*
mozilla	firefox	1.0.4	cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
mozilla	firefox	1.0.5	cpe:2.3:a:mozilla:firefox:1.0.5:::::::*
mozilla	firefox	1.0.6	cpe:2.3:a:mozilla:firefox:1.0.6:::::::*
mozilla	firefox	1.0.7	cpe:2.3:a:mozilla:firefox:1.0.7:::::::*
mozilla	firefox	1.0.8	cpe:2.3:a:mozilla:firefox:1.0.8:::::::*