CVE-2009-2478

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."

References

https://bugzilla.mozilla.org/show_bug.cgi?id=502648

https://bugzilla.mozilla.org/show_bug.cgi?id=503286

https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html

Details

Source: MITRE

Published: 2009-07-16

Updated: 2009-08-07

Type: CWE-189

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
40347Fedora 11 : kazehakase-0.5.6-11.svn3771_trunk.fc11.3 / Miro-2.0.5-2.fc11 / blam-1.8.5-12.fc11 / etc (2009-7898)NessusFedora Local Security Checks
high