Lucene search
Mozilla FoundationMFSA2009-37HistoryJul 21, 2009 - 12:00 a.m.
Crash and remote code execution using watch and __defineSetter__ on SVG element — Mozilla
2009-07-2100:00:00
Mozilla Foundation
www.mozilla.org
16
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.805 High
EPSS
Percentile
98.3%
Security researcher PenPal reported a crash involving a SVG element on which a watch function and defineSetter function have been set for a particular property. The crash showed evidence of memory corruption and could potentially be used by an attacker to run arbitrary code on a victim’s computer.
Affected configurations
Node
mozillafirefoxRange<3.0.12
ORmozillafirefoxRange<3.5
Related
cve
cve
CVE-2009-2469
2009-07-22 18:30:00
nvd
nvd
CVE-2009-2469
2009-07-22 18:30:00
prion
prion
Memory corruption
2009-07-22 18:30:00
cvelist
cvelist
CVE-2009-2469
2009-07-22 18:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox SVG Element Processing Memory Corruption (CVE-2009-2469)
2010-03-04 00:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-37
2009-07-22 00:00:00
Multiple Mozilla Firefox security vulnerabilities
2009-07-22 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:36:33
ubuntucve
ubuntucve
CVE-2009-2469
2009-07-22 00:00:00
openvas
openvas
Mozilla Firefox Multiple Vulnerabilities (Jul 2009) - Linux
2009-07-23 00:00:00
Ubuntu USN-798-1 (xulrunner-1.9)
2009-07-29 00:00:00
Mozilla Firefox Multiple Vulnerabilities July-09 (Windows)
2009-07-23 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-798-1)
2009-07-23 00:00:00
Debian DSA-1840-1 : xulrunner - several vulnerabilities
2010-02-24 00:00:00
Scientific Linux Security Update : firefox on SL4.x i386/x86_64
2012-11-05 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-07-22 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: galeon-2.0.7-12.fc10
2009-07-23 19:14:52
[SECURITY] Fedora 10 Update: ruby-gnome2-0.19.0-3.fc10.1
2009-07-23 19:14:52
[SECURITY] Fedora 10 Update: kazehakase-0.5.6-4.fc10.4
2009-07-23 19:14:52
debian
debian
[SECURITY] [DSA 1840-1] New xulrunner packages fix several vulnerabilities
2009-07-23 10:30:34
osv
osv
xulrunner - several vulnerabilities
2009-07-23 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-07-27 13:06:57
remote code execution in MozillaFirefox
2009-08-06 11:30:16
redhat
redhat
(RHSA-2009:1162) Critical: firefox security update
2009-07-21 00:00:00
seebug
seebug
Mozilla Firefox MFSA存在多个安全漏洞
2009-07-24 00:00:00
centos
centos
firefox, xulrunner security update
2009-07-28 12:22:37
oraclelinux
oraclelinux
firefox security update
2009-07-22 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2370
2024-03-12 08:35:15
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.805 High
EPSS
Percentile
98.3%
Related for MFSA2009-37