The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in js/src/jstracer.cpp, and unspecified other vectors.
http://secunia.com/advisories/36126
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1
http://www.mozilla.org/security/announce/2009/mfsa2009-45.html
http://www.securityfocus.com/bid/35927
http://www.vupen.com/english/advisories/2009/2142
https://bugzilla.mozilla.org/show_bug.cgi?id=502832
https://bugzilla.mozilla.org/show_bug.cgi?id=503144
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html
OR
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* versions up to 3.0.12 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
67922 | Oracle Linux 4 / 5 : firefox (ELSA-2009-1430) | Nessus | Oracle Linux Local Security Checks | critical |
63402 | GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST) | Nessus | Gentoo Local Security Checks | critical |
41984 | openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495) | Nessus | SuSE Local Security Checks | critical |
41468 | SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6433) | Nessus | SuSE Local Security Checks | critical |
41358 | SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1200) | Nessus | SuSE Local Security Checks | critical |
40932 | CentOS 4 / 5 : firefox / seamonkey (CESA-2009:1430) | Nessus | CentOS Local Security Checks | critical |
40921 | RHEL 4 / 5 : firefox (RHSA-2009:1430) | Nessus | Red Hat Local Security Checks | critical |
40648 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202) | Nessus | SuSE Local Security Checks | critical |
40641 | openSUSE Security Update : MozillaFirefox (MozillaFirefox-1202) | Nessus | SuSE Local Security Checks | critical |
40484 | Fedora 10 : Miro-2.0.5-3.fc10 / blam-1.8.5-13.fc10 / epiphany-2.24.3-9.fc10 / etc (2009-8288) | Nessus | Fedora Local Security Checks | critical |
40483 | Fedora 11 : kazehakase-0.5.6-11.svn3771_trunk.fc11.4 / Miro-2.0.5-3.fc11 / blam-1.8.5-13.fc11 / etc (2009-8279) | Nessus | Fedora Local Security Checks | critical |