CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
90.4%
The installed version of Mozilla Firefox is earlier than 3.5.2/3.0.12. Such versions are potentially affected by multiple issues :
A denial-of-service vulnerability when Firefox receives a reply from a SOCKS5 proxy which contains a DNS name longer than 15 characters. (CVE-2009-2470)
Multiple flaws exist in the ‘libvorbis’ library could lead to remote code execution. (CVE-2009-2663)
Binary data 801300.prm
.mozilla.org/security/announce/2009/mfsa2009-38.html
.mozilla.org/security/announce/2009/mfsa2009-44.html
.mozilla.org/security/announce/2009/mfsa2009-45.html
.mozilla.org/security/announce/2009/mfsa2009-46.html
.mozilla.org/security/announce/2009/mfsa2009-47.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2470
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663