CVE-2009-3072

HIGH

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp, and unknown vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

http://secunia.com/advisories/36669

http://secunia.com/advisories/36670

http://secunia.com/advisories/36671

http://secunia.com/advisories/36692

http://secunia.com/advisories/37098

http://secunia.com/advisories/38977

http://secunia.com/advisories/39001

http://www.debian.org/security/2009/dsa-1885

http://www.mozilla.org/security/announce/2009/mfsa2009-47.html

http://www.mozilla.org/security/announce/2010/mfsa2010-07.html

http://www.novell.com/linux/security/advisories/2009_48_firefox.html

http://www.redhat.com/support/errata/RHSA-2009-1430.html

http://www.redhat.com/support/errata/RHSA-2009-1431.html

http://www.redhat.com/support/errata/RHSA-2009-1432.html

http://www.redhat.com/support/errata/RHSA-2010-0153.html

http://www.redhat.com/support/errata/RHSA-2010-0154.html

http://www.securityfocus.com/bid/36343

http://www.ubuntu.com/usn/USN-915-1

http://www.vupen.com/english/advisories/2010/0648

http://www.vupen.com/english/advisories/2010/0650

https://bugzilla.mozilla.org/show_bug.cgi?id=494283

https://bugzilla.mozilla.org/show_bug.cgi?id=501900

https://bugzilla.mozilla.org/show_bug.cgi?id=508074

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10349

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6315

Details

Source: MITRE

Published: 2009-09-10

Updated: 2017-09-19

Risk Information

CVSS v2.0

Base Score: 10

Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Impact Score: 10

Exploitability Score: 10

Severity: HIGH