Lucene search

MitreCVE-2009-2479

HistoryJul 16, 2009 - 3:30 p.m.

CVE-2009-2479

2009-07-1615:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-2479

mozilla firefox

windows

remote attack

denial of service

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

8.9

Confidence

High

EPSS

0.062

Percentile

93.6%

JSON

Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox.

Affected configurations

Nvd

Node

mozillafirefoxMatch3.0.1

mozillafirefoxMatch3.0.2

mozillafirefoxMatch3.0.3

mozillafirefoxMatch3.0.4

mozillafirefoxMatch3.0.5

mozillafirefoxMatch3.0.6

mozillafirefoxMatch3.0.7

mozillafirefoxMatch3.0.8

mozillafirefoxMatch3.0.9

mozillafirefoxMatch3.0.10

mozillafirefoxMatch3.0.11

mozillafirefoxMatch3.0.12

mozillafirefoxMatch3.0.13

mozillafirefoxMatch3.0.14

mozillafirefoxMatch3.0.15

mozillafirefoxMatch3.0.16

mozillafirefoxMatch3.0.17

mozillafirefoxMatch3.5

mozillafirefoxMatch3.5.1

VendorProductVersionCPE
mozillafirefox3.0.11cpe:/a:mozilla:firefox:3.0.11:::
mozillafirefox3.5cpe:/a:mozilla:firefox:3.5:::
mozillafirefox3.5.1cpe:/a:mozilla:firefox:3.5.1:::
mozillafirefox3.0.4cpe:/a:mozilla:firefox:3.0.4:::
mozillafirefox3.0.2cpe:/a:mozilla:firefox:3.0.2:::
mozillafirefox3.0.16cpe:/a:mozilla:firefox:3.0.16:::
mozillafirefox3.0.14cpe:/a:mozilla:firefox:3.0.14:::
mozillafirefox3.0.10cpe:/a:mozilla:firefox:3.0.10:::
mozillafirefox3.0.1cpe:/a:mozilla:firefox:3.0.1:::
mozillafirefox3.0.15cpe:/a:mozilla:firefox:3.0.15:::

Vendor	Product	Version	CPE
mozilla	firefox	3.0.11	cpe:/a:mozilla:firefox:3.0.11:::
mozilla	firefox	3.5	cpe:/a:mozilla:firefox:3.5:::
mozilla	firefox	3.5.1	cpe:/a:mozilla:firefox:3.5.1:::
mozilla	firefox	3.0.4	cpe:/a:mozilla:firefox:3.0.4:::
mozilla	firefox	3.0.2	cpe:/a:mozilla:firefox:3.0.2:::
mozilla	firefox	3.0.16	cpe:/a:mozilla:firefox:3.0.16:::
mozilla	firefox	3.0.14	cpe:/a:mozilla:firefox:3.0.14:::
mozilla	firefox	3.0.10	cpe:/a:mozilla:firefox:3.0.10:::
mozilla	firefox	3.0.1	cpe:/a:mozilla:firefox:3.0.1:::
mozilla	firefox	3.0.15	cpe:/a:mozilla:firefox:3.0.15:::