CVSS: 5.0EPSS: 9%CPEs: 1EXPL: 4CVE-2009-1827 – Mozilla Firefox - unclamped loop Denial of Service
https://notcve.org/view.php?id=CVE-2009-1827
The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (application hang) via a large value in the r (aka Radius) attribute of a circle element, related to an "unclamped loop." El componente SVG en Mozilla Firefox v3.0.4 permite a atacantes remotos provocar una denegación de servicio (cuelgue de aplicación) a través de un valor largo en el r (también conocido como Radius) atributo de un elemnto "circle", relacionado con un "bucle sin fijado" • https://www.exploit-db.com/exploits/8794 http://archives.neohapsis.com/archives/bugtraq/2009-05/0270.html http://archives.neohapsis.com/archives/bugtraq/2009-05/0271.html http://archives.neohapsis.com/archives/bugtraq/2009-05/0272.html http://blog.zoller.lu/2009/04/advisory-firefox-dos-condition.html http://www.securityfocus.com/archive/1/503825/100/0/threaded https://bugzilla.mozilla.org/show_bug.cgi?id=393832 https://bugzilla.mozilla.org/show_bug.cgi?id=465615 https://ex • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 6%CPEs: 1EXPL: 4CVE-2009-1828 – Mozilla Firefox 3.0.10 - 'KEYGEN' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-1828
Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service (infinite loop, application hang, and memory consumption) via a KEYGEN element in conjunction with (1) a META element specifying automatic page refresh or (2) a JavaScript onLoad event handler for a BODY element. NOTE: it was later reported that earlier versions are also affected. Mozilla Firefox v3.0.10 permite a atacantes remotos provocar una denegación de servicio (bucle infinito, cuelgue de aplicación y consumo de memoria) a través de un elemento KEYGEN en conjunción con (1) un elemento META especificando página de refresco automático o (2) un gestor de evento onLoad JavaScript para un elemento BODY. • https://www.exploit-db.com/exploits/8822 http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0247.html http://archives.neohapsis.com/archives/fulldisclosure/2009-05/0263.html http://blog.zoller.lu/2009/04/advisory-firefox-denial-of-service.html http://websecurity.com.ua/3194 http://www.securityfocus.com/archive/1/503876/100/0/threaded http://www.securityfocus.com/archive/1/506328/100/100/threaded http://www.securityfocus.com/bid/35132 https://bugzilla.mozilla.org/show • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 93%CPEs: 1EXPL: 1CVE-2009-1313 – Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun()' Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2009-1313
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302. La función nsTextFrame::ClearTextRun en layout/generic/nsTextFrameThebes.cpp en Mozilla Firefox v3.0.9 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y, probablemente, ejecutar código arbitrario a través de vectores no especificados. NOTA: esta vulnerabilidad existe porque supuestamente se dio una solución incorrecta para CVE-2009-1302. • https://www.exploit-db.com/exploits/32961 http://secunia.com/advisories/34851 http://secunia.com/advisories/34866 http://secunia.com/advisories/34910 http://secunia.com/advisories/34919 http://securitytracker.com/id?1022126 http://securitytracker.com/id?1022127 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.350967 http://www.mandriva.com/security/advisories?name=MDVSA-2009:111 http://www.mozilla.org/security/announce/2009/mfsa2009-23.html http&# • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 1%CPEs: 94EXPL: 0CVE-2009-1307 – view-source: protocol
https://notcve.org/view.php?id=CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI. La implementación view-source: URI en Mozilla Firefox anteriores a v3.0.9, Thunderbird, and SeaMonkey no implementa correctamente la política de mismo origen, permitiendo a atacantes remotos (1) saltar las restricciones crossdomain.xml y conectar a sitios web de su elección utilizando un fichero Flash; (2) leer, crear o modificar objetos compartidos locales utilizando un fichero Flash; o (3) saltar restricciones no especificadas y generar contenido mediante vectores relacionados con jar: URI. • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://rhn.redhat.com/errata/RHSA-2009-0437.html http://secunia.com/advisories/34758 http://secunia.com/advisories/34780 http://secunia.com/advisories/34843 http://secunia.com/advisories/34844 http://secunia.com/advisories/34894 http://secunia.com/advisories/35042 http://secunia.com/advisories/35065 http://secunia.com/advisories/35536 http://secunia.com/advisories/35561 http://secunia.com/advisories/3 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 7%CPEs: 77EXPL: 5CVE-2009-1302 – Firefox 3 Layout engine crashes
https://notcve.org/view.php?id=CVE-2009-1302
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors. El motor del navegador Mozilla Firefox v3.x anteriores a la v3.0.9, Thunderbird anteriores a la v2.0.0.22, y SeaMonkey anteriores a v1.1.16 permite a atacantes remotos producir una denegación de servicio (caída de aplicación) y posiblemente inicia una corrupción de memoria a través de vectores relacionados con (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) caso de pueba xslt_attributeset_ImportSameName.html para el compilador XSLT stylesheet , (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate y nsEditor::EndUpdateViewBatch, y (8) gfxSkipCharsIterator::SetOffsets, y otros vectores. • http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://secunia.com/advisories/34758 http://secunia.com/advisories/34780 http://secunia.com/advisories/34843 http://secunia.com/advisories/34894 http://secunia.com/advisories/35042 http://secunia.com/advisories/35065 http://secunia.com/advisories/35602 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 http://www.debian.org/security/2009/dsa-1797 http://www.debian.org/security/2009/dsa • CWE-399: Resource Management Errors •