CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.2%
Mozilla Project reports:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video
library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/
1.9.0.16)
www.mozilla.org/security/announce/2009/mfsa2009-65.html
www.mozilla.org/security/announce/2009/mfsa2009-66.html
www.mozilla.org/security/announce/2009/mfsa2009-67.html
www.mozilla.org/security/announce/2009/mfsa2009-68.html
www.mozilla.org/security/announce/2009/mfsa2009-69.html
www.mozilla.org/security/announce/2009/mfsa2009-70.html
www.mozilla.org/security/announce/2009/mfsa2009-71.html