CVE-2009-2043

2009-06-1221:30:00

CWE-20

mitre

web.nvd.nist.gov

mozilla

firefox

nsviewmanager.cpp

null pointer dereference

application crash

tinymce

cve-2009-2043

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.086

Percentile

94.5%

JSON

nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to interaction with TinyMCE.

Affected configurations

Nvd

Node

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

VendorProductVersionCPE
mozillafirefox3.0.10cpe:/a:mozilla:firefox:3.0.10:::
mozillafirefox3.0.2cpe:/a:mozilla:firefox:3.0.2:::
mozillafirefox3.0.4cpe:/a:mozilla:firefox:3.0.4:::
mozillafirefox3.0.9cpe:/a:mozilla:firefox:3.0.9:::
mozillafirefox3.0.3cpe:/a:mozilla:firefox:3.0.3:::
mozillafirefox3.0.7cpe:/a:mozilla:firefox:3.0.7:::
mozillafirefox3.0.6cpe:/a:mozilla:firefox:3.0.6:::
mozillafirefox3.0.8cpe:/a:mozilla:firefox:3.0.8:::
mozillafirefox3.0.5cpe:/a:mozilla:firefox:3.0.5:::

Vendor	Product	Version	CPE
mozilla	firefox	3.0.10	cpe:/a:mozilla:firefox:3.0.10:::
mozilla	firefox	3.0.2	cpe:/a:mozilla:firefox:3.0.2:::
mozilla	firefox	3.0.4	cpe:/a:mozilla:firefox:3.0.4:::
mozilla	firefox	3.0.9	cpe:/a:mozilla:firefox:3.0.9:::
mozilla	firefox	3.0.3	cpe:/a:mozilla:firefox:3.0.3:::
mozilla	firefox	3.0.7	cpe:/a:mozilla:firefox:3.0.7:::
mozilla	firefox	3.0.6	cpe:/a:mozilla:firefox:3.0.6:::
mozilla	firefox	3.0.8	cpe:/a:mozilla:firefox:3.0.8:::
mozilla	firefox	3.0.5	cpe:/a:mozilla:firefox:3.0.5:::