Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1571

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-1571
Last Modified 21 Aug 2010 01:32:17
Published 22 Feb 2010 08:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1571

Summary

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.

Vulnerable Systems

Application

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.10

  • Mozilla Firefox 3.0.11

  • Mozilla Firefox 3.0.12

  • Mozilla Firefox 3.0.13

  • Mozilla Firefox 3.0.14

  • Mozilla Firefox 3.0.15

  • Mozilla Firefox 3.0.17

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Firefox 3.0.5

  • Mozilla Firefox 3.0.6

  • Mozilla Firefox 3.0.7

  • Mozilla Firefox 3.0.8

  • Mozilla Firefox 3.0.9

  • Mozilla Firefox 3.5

  • Mozilla Firefox 3.5.1

  • Mozilla Firefox 3.5.2

  • Mozilla Firefox 3.5.3

  • Mozilla Firefox 3.5.4

  • Mozilla Firefox 3.5.5

  • Mozilla Firefox 3.5.6

  • Mozilla Firefox 3.5.7

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.4

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.14

  • Mozilla Seamonkey 1.1.15

  • Mozilla Seamonkey 1.1.16

  • Mozilla Seamonkey 1.1.17

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.2


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=526500

XF - mozilla-htmlparser-code-exec(56361)

VUPEN - ADV-2010-0650

VUPEN - ADV-2010-0405

UBUNTU - USN-896-1

UBUNTU - USN-895-1

BUGTRAQ - 20100218 Secunia Research: Mozilla Firefox Memory Corruption Vulnerability

REDHAT - RHSA-2010:0154

REDHAT - RHSA-2010:0153

REDHAT - RHSA-2010:0113

REDHAT - RHSA-2010:0112

CONFIRM - http://www.mozilla.org/security/announce/2010/mfsa2010-03.html

MANDRIVA - MDVSA-2010:051

MANDRIVA - MDVSA-2010:042

DEBIAN - DSA-1999

MISC - http://secunia.com/secunia_research/2009-45/

SECUNIA - 38847

SECUNIA - 38772

SECUNIA - 38770

SECUNIA - 37242

SUSE - SUSE-SA:2010:015

FEDORA - FEDORA-2010-3267

FEDORA - FEDORA-2010-3230

FEDORA - FEDORA-2010-1727

FEDORA - FEDORA-2010-1936

FEDORA - FEDORA-2010-1932


Last Updated: 27 May 2016 10:50:36