Lucene search
HistoryNov 19, 2009 - 12:30 a.m.
CVE-2009-3978
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
5.6
Confidence
High
EPSS
0.322
Percentile
97.0%
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different vulnerability than CVE-2009-3373.
Affected configurations
Node
mozillafirefoxRangeβ€3.5.4
ORmozillafirefoxMatch0.1
ORmozillafirefoxMatch0.2
ORmozillafirefoxMatch0.3
ORmozillafirefoxMatch0.4
ORmozillafirefoxMatch0.5
ORmozillafirefoxMatch0.6
ORmozillafirefoxMatch0.6.1
ORmozillafirefoxMatch0.7
ORmozillafirefoxMatch0.7.1
ORmozillafirefoxMatch0.8
ORmozillafirefoxMatch0.9
ORmozillafirefoxMatch0.9rc
ORmozillafirefoxMatch0.9.1
ORmozillafirefoxMatch0.9.2
ORmozillafirefoxMatch0.9.3
ORmozillafirefoxMatch0.10
ORmozillafirefoxMatch0.10.1
ORmozillafirefoxMatch1.0
ORmozillafirefoxMatch1.0preview_release
ORmozillafirefoxMatch1.0.1
ORmozillafirefoxMatch1.0.2
ORmozillafirefoxMatch1.0.3
ORmozillafirefoxMatch1.0.4
ORmozillafirefoxMatch1.0.5
ORmozillafirefoxMatch1.0.6
ORmozillafirefoxMatch1.0.7
ORmozillafirefoxMatch1.0.8
ORmozillafirefoxMatch1.4.1
ORmozillafirefoxMatch1.5
ORmozillafirefoxMatch1.5beta1
ORmozillafirefoxMatch1.5beta2
ORmozillafirefoxMatch1.5.0.1
ORmozillafirefoxMatch1.5.0.2
ORmozillafirefoxMatch1.5.0.3
ORmozillafirefoxMatch1.5.0.4
ORmozillafirefoxMatch1.5.0.5
ORmozillafirefoxMatch1.5.0.6
ORmozillafirefoxMatch1.5.0.7
ORmozillafirefoxMatch1.5.0.8
ORmozillafirefoxMatch1.5.0.9
ORmozillafirefoxMatch1.5.0.10
ORmozillafirefoxMatch1.5.0.11
ORmozillafirefoxMatch1.5.0.12
ORmozillafirefoxMatch1.5.1
ORmozillafirefoxMatch1.5.2
ORmozillafirefoxMatch1.5.3
ORmozillafirefoxMatch1.5.4
ORmozillafirefoxMatch1.5.5
ORmozillafirefoxMatch1.5.6
ORmozillafirefoxMatch1.5.7
ORmozillafirefoxMatch1.5.8
ORmozillafirefoxMatch1.8
ORmozillafirefoxMatch2.0
ORmozillafirefoxMatch2.0.0.1
ORmozillafirefoxMatch2.0.0.2
ORmozillafirefoxMatch2.0.0.3
ORmozillafirefoxMatch2.0.0.4
ORmozillafirefoxMatch2.0.0.5
ORmozillafirefoxMatch2.0.0.6
ORmozillafirefoxMatch2.0.0.7
ORmozillafirefoxMatch2.0.0.8
ORmozillafirefoxMatch2.0.0.9
ORmozillafirefoxMatch2.0.0.10
ORmozillafirefoxMatch2.0.0.11
ORmozillafirefoxMatch3.0
ORmozillafirefoxMatch3.0.5
ORmozillafirefoxMatch3.5
ORmozillafirefoxMatch3.5.2
ORmozillafirefoxMatch3.5.3
Related
ubuntucve
ubuntucve
CVE-2009-3978
2009-11-19 00:00:00
CVE-2009-3373
2009-10-29 00:00:00
cvelist
cvelist
CVE-2009-3978
2022-10-03 16:23:54
CVE-2009-3373
2009-10-29 14:00:00
cve
cve
CVE-2009-3978
2022-10-03 16:23:54
CVE-2009-3373
2009-10-29 14:30:00
prion
prion
Null pointer dereference
2009-11-19 00:30:00
Heap overflow
2009-10-29 14:30:00
nvd
nvd
CVE-2009-3373
2009-10-29 14:30:00
veracode
veracode
Buffer Overflows
2020-04-10 00:38:53
seebug
seebug
Mozilla Firefox libpr0n GIF解ζε¨ε ζΊ’εΊζΌζ΄
2009-10-31 00:00:00
securityvulns
securityvulns
iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability
2009-10-29 00:00:00
Mozilla Foundation Security Advisory 2009-56
2009-10-28 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2009-11-05 00:00:00
zdt
zdt
Mozilla Firefox 3.5.4 - Local Color Map Exploit
2013-08-19 00:00:00
mozilla
mozilla
Heap buffer overflow in GIF color map parser β Mozilla
2009-10-27 00:00:00
openvas
openvas
Mozilla Firefox 'GIF' File DoS Vulnerability (Nov 2009) - Linux
2009-11-20 00:00:00
Mozilla Firefox 'GIF' File DoS Vulnerability - Nov09 (Linux)
2009-11-20 00:00:00
Mozilla Firefox 'GIF' File DoS Vulnerability (Nov 2009) - Windows
2009-11-20 00:00:00
nessus
nessus
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1597)
2009-11-30 00:00:00
SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1563)
2009-11-24 00:00:00
SeaMonkey < 2.0 Multiple Vulnerabilities
2009-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: chmsee-1.0.1-12.fc11
2009-10-29 02:59:35
[SECURITY] Fedora 11 Update: epiphany-extensions-2.26.1-7.fc11
2009-10-29 02:59:35
[SECURITY] Fedora 11 Update: epiphany-2.26.3-5.fc11
2009-10-29 02:59:35
debian
debian
[SECURITY] [DSA 1922-1] New xulrunner packages fix several vulnerabilities
2009-10-28 21:13:30
osv
osv
xulrunner - several vulnerabilities
2009-10-28 00:00:00
oraclelinux
oraclelinux
firefox security update
2009-10-28 00:00:00
centos
centos
firefox, nspr security update
2009-10-28 13:44:04
redhat
redhat
(RHSA-2009:1530) Critical: firefox security update
2009-10-27 00:00:00
vmware
vmware
ESX Service Console and vMA updates for nss and nspr
2010-03-03 00:00:00
ESX Service Console and vMA updates for nss and nspr
2010-03-03 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-10-31 00:00:00
Firefox and Xulrunner regression
2009-11-11 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-11-04 14:24:35
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-10-27 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
5.6
Confidence
High
EPSS
0.322
Percentile
97.0%
Related for NVD:CVE-2009-3978