CVSS: 9.3EPSS: 96%CPEs: 99EXPL: 2CVE-2009-1169 – Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC)
https://notcve.org/view.php?id=CVE-2009-1169
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform. La función txMozillaXSLTProcessor::TransformToDoc en Firefox anterior a versión 3.0.8 y SeaMonkey anterior a versión 1.1.16, de Mozilla, permite a los atacantes remotos causar una denegación de servicio (bloqueo) y posiblemente ejecute código arbitrario por medio de un archivo XML con una transformación XSLT diseñada. • https://www.exploit-db.com/exploits/8285 http://blogs.zdnet.com/security/?p=3013 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html http://secunia.com/advisories/34471 http://secunia.com/advisories/34486 http://secunia.com/advisories/34505 http://secunia.com/advisories/34510 http://secunia.com/advisories/34511 http://secunia.com/advisories/34521 http://secunia.com/advisories/34527 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 91%CPEs: 2EXPL: 0CVE-2009-1044 – Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1044
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009. Mozilla Firefox versión 3.0.7 en Windows 7, permite a los atacantes remotos ejecutar código arbitrario por medio de vectores desconocidos relacionados con el método de árbol _moveToEdgeShift XUL, que desencadena un garbage collection en objetos que todavía están en uso, como es demostrado por Nils durante la competición PWN2OWN en CanSecWest 2009. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the XUL tree method _moveToEdgeShift(). In some cases this call will trigger garbage collection routines on in use objects which will result in a future call to a dangling pointer. • http://blogs.zdnet.com/security/?p=2934 http://blogs.zdnet.com/security/?p=2941 http://cansecwest.com/index.html http://dvlabs.tippingpoint.com/blog/2009/02/25/pwn2own-2009 http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html http://news.cnet.com/8301-1009_3-10199652-83.html http://osvdb.org/52896 http: • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 88EXPL: 0CVE-2009-0776 – Firefox XML data theft via RDFXMLDataSource and cross-domain redirect
https://notcve.org/view.php?id=CVE-2009-0776
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect. nsIRDFService de Mozilla Firefox anterior a v3.0.7, Thunderbird anterior a v2.0.0.21 y SeaMonkey anterior a v1.1.15; permite a atacantes remotos evitar la política de same-origin -mismo origen- y leer datos XML desde otro dominio a través de una redirección de dominio cruzado. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html http://secunia.com/advisories/34137 http://secunia.com/advisories/34140 http://secunia.com/advisories/34145 http://secunia.com/advisories/34272 http://secunia.com/advisories/34324 http://secunia.com/advisories/34383 http://secunia.com/advisories/34387 http://secunia.com/advisories/34417 http://secunia.com/advisories/34462 http://sec • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 9%CPEs: 86EXPL: 3CVE-2009-0821 – Mozilla Firefox 2.0.x - Nested 'window.print()' Denial of Service
https://notcve.org/view.php?id=CVE-2009-0821
Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element. Mozilla Firefox v2.0.0.20 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de llamadas anidadas a la función window.print, como se ha demostrado con window.print(window.print()) en el atributo onclick de un elemento INPUT. • https://www.exploit-db.com/exploits/32836 http://downloads.securityfocus.com/vulnerabilities/exploits/33969.html http://www.securityfocus.com/bid/33969 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 76%CPEs: 88EXPL: 0CVE-2009-0771 – Firefox 3 Layout Engine Crashes
https://notcve.org/view.php?id=CVE-2009-0771
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption and assertion failures. El motor de diseño en Mozilla Firefox anterior a v3.0.7, Thunderbird anterior a v2.0.0.21, y SeaMonkey v1.1.15, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código de su elección a través de vectores que provocan una corrupción de memoria y un fallo de aserción. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html http://secunia.com/advisories/34140 http://secunia.com/advisories/34145 http://secunia.com/advisories/34272 http://secunia.com/advisories/34383 http://secunia.com/advisories/34462 http://secunia.com/advisories/34464 http://secunia.com/advisories/34527 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&am • CWE-399: Resource Management Errors •