10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.292 Low
EPSS
Percentile
96.9%
Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victimβs browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
bugzilla.mozilla.org/buglist.cgi?bug_id=501279,499512,515889,507167
bugzilla.mozilla.org/buglist.cgi?bug_id=515376,512327
bugzilla.mozilla.org/show_bug.cgi?id=500311