CVSS: 10.0EPSS: 26%CPEs: 3EXPL: 0CVE-2009-3073
https://notcve.org/view.php?id=CVE-2009-3073
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en el motor JavaScript en Mozilla Firefox v3.5.x anterior a v3.5.3, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente la ejecución remota de código a través de vectores desconocidos. • http://secunia.com/advisories/36671 http://secunia.com/advisories/37098 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.securityfocus.com/bid/36343 https://bugzilla.mozilla.org/show_bug.cgi?id=507292 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6398 •
CVSS: 10.0EPSS: 74%CPEs: 107EXPL: 0CVE-2009-3072 – Firefox 3.5.3 3.0.14 browser engine crashes
https://notcve.org/view.php?id=CVE-2009-3072
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors. Múltiples vulnerabilidades no especificadas en el motor de navegación de Mozilla Firefox anterior a v3.0.14 y v3.5.x anterior a v3.5.3; permiten a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o puede que ejecutar código de su elección a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/36669 http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.mozilla.org/security/announce/2010&#x •
CVSS: 5.0EPSS: 0%CPEs: 107EXPL: 0CVE-2009-3078 – Firefox 3.5.3 3.0.14 Location bar spoofing via tall line-height Unicode characters
https://notcve.org/view.php?id=CVE-2009-3078
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property. Vulnerabilidad de truncado visual en Mozilla Firefox anteriores a v3.0.14, y v3.5.x anteriores a v3.5.3, permite a atacantes remotos iniciar un scroll vertical y falsificar URLs a traves de caracteres Unicode con una propiedad "line-height" alta. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-50.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 http://www.securitytracker.com/id?1022875 https://bugzilla&# • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 1%CPEs: 107EXPL: 0CVE-2009-3079 – Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter
https://notcve.org/view.php?id=CVE-2009-3079
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter. Vulnerabilidad inespecífica en Mozilla Firefox anteriores a la v3.0.14, y v3.5.x anterior a la v3.5.3, permite a atacantes remotos ejecutar Javascript arbitrario con privilegios de chrome a través de vectores que incluyen un objeto, el FeedWriter, y el BrowserFeedWriter. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36757 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1886 http://www.mozilla.org/security/announce/2009/mfsa2009-51.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 http://www.securitytracker.com/id?1022873 https://bugzilla&# • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 52%CPEs: 104EXPL: 0CVE-2009-3074 – Firefox 3.5 3.0.14 JavaScript engine crashes
https://notcve.org/view.php?id=CVE-2009-3074
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en el motor JavaScript de Mozilla Firefox en versiones anteriores a la v3.0.14 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores de ataque desconocidos. • http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.securityfocus.com/bid/36343 https://bugzilla.mozilla.org/show_bug.cgi?id=467493 https: •