CVE-2009-0352

Published: Feb 4, 2009Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.

Affected (70)

Products: Mozilla: Firefox, Seamonkey, Thunderbird

3 products

Configuration A

70 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 3.0.1
Mozilla Firefox	Version 3.0.2
Mozilla Firefox	Version 3.0.3
Mozilla Firefox	Version 3.0.4
Mozilla Firefox	Version 3.0.5
Mozilla Firefox	Version 3.0
Mozilla Seamonkey	Up to 1.1.13
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.2
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.5
Mozilla Seamonkey	Version 1.0.6
Mozilla Seamonkey	Version 1.0.7
Mozilla Seamonkey	Version 1.0.8
Mozilla Seamonkey	Version 1.0.9
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.1.10
Mozilla Seamonkey	Version 1.1.11
Mozilla Seamonkey	Version 1.1.12
Mozilla Seamonkey	Version 1.1.1
Mozilla Seamonkey	Version 1.1.2
Mozilla Seamonkey	Version 1.1.3
Mozilla Seamonkey	Version 1.1.4
Mozilla Seamonkey	Version 1.1.5
Mozilla Seamonkey	Version 1.1.6
Mozilla Seamonkey	Version 1.1.7
Mozilla Seamonkey	Version 1.1.8
Mozilla Seamonkey	Version 1.1.9
Mozilla Seamonkey	Version 1.1
Mozilla Seamonkey	Version 1.1 alpha
Mozilla Seamonkey	Version 1.1 beta
Mozilla Thunderbird	Up to 2.0.0.19
Mozilla Thunderbird	Version 1.0.1
Mozilla Thunderbird	Version 1.0.2
Mozilla Thunderbird	Version 1.0.3
Mozilla Thunderbird	Version 1.0.4
Mozilla Thunderbird	Version 1.0.5
Mozilla Thunderbird	Version 1.0.5 beta
Mozilla Thunderbird	Version 1.0.6
Mozilla Thunderbird	Version 1.0.7
Mozilla Thunderbird	Version 1.0.8
Mozilla Thunderbird	Version 1.0
Mozilla Thunderbird	Version 1.5.0.10
Mozilla Thunderbird	Version 1.5.0.11
Mozilla Thunderbird	Version 1.5.0.12
Mozilla Thunderbird	Version 1.5.0.13
Mozilla Thunderbird	Version 1.5.0.14
Mozilla Thunderbird	Version 1.5.0.1
Mozilla Thunderbird	Version 1.5.0.2
Mozilla Thunderbird	Version 1.5.0.3
Mozilla Thunderbird	Version 1.5.0.4
Mozilla Thunderbird	Version 1.5.0.5
Mozilla Thunderbird	Version 1.5.0.6
Mozilla Thunderbird	Version 1.5.0.7
Mozilla Thunderbird	Version 1.5.0.8
Mozilla Thunderbird	Version 1.5.0.9
Mozilla Thunderbird	Version 1.5.1
Mozilla Thunderbird	Version 1.5.2
Mozilla Thunderbird	Version 1.5
Mozilla Thunderbird	Version 1.5 beta2
Mozilla Thunderbird	Version 2.0.0.0
Mozilla Thunderbird	Version 2.0.0.12
Mozilla Thunderbird	Version 2.0.0.14
Mozilla Thunderbird	Version 2.0.0.16
Mozilla Thunderbird	Version 2.0.0.17
Mozilla Thunderbird	Version 2.0.0.18
Mozilla Thunderbird	Version 2.0.0.4
Mozilla Thunderbird	Version 2.0.0.5
Mozilla Thunderbird	Version 2.0.0.6
Mozilla Thunderbird	Version 2.0.0.9

Related CWEs

CWE-399

References (96)

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2009-0256.html

Source: secalert@redhat.com

http://secunia.com/advisories/33799

Source: secalert@redhat.com

http://secunia.com/advisories/33802

Source: secalert@redhat.com

http://secunia.com/advisories/33808

Source: secalert@redhat.com

http://secunia.com/advisories/33809

Source: secalert@redhat.com

http://secunia.com/advisories/33816

Source: secalert@redhat.com

http://secunia.com/advisories/33831

Source: secalert@redhat.com

http://secunia.com/advisories/33841

Source: secalert@redhat.com

http://secunia.com/advisories/33846

Source: secalert@redhat.com

http://secunia.com/advisories/33869

Source: secalert@redhat.com

http://secunia.com/advisories/34324

Source: secalert@redhat.com

http://secunia.com/advisories/34387

Source: secalert@redhat.com

http://secunia.com/advisories/34417

Source: secalert@redhat.com

http://secunia.com/advisories/34462

Source: secalert@redhat.com

http://secunia.com/advisories/34464

Source: secalert@redhat.com

http://secunia.com/advisories/34527

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952

Source: secalert@redhat.com

http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1830

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:044

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:083

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2009/mfsa2009-01.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-0257.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-0258.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/33598

Source: secalert@redhat.com

http://www.securitytracker.com/id?1021663

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-717-1

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2009/0313

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=331088

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=401042

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=416461

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=420697

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=421839

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=422283

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=422301

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=431705

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=437142

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=449006

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=461027

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699

Source: secalert@redhat.com

https://usn.ubuntu.com/741-1/

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html