← Back

CVE-2009-2466

nvd nist
Published: Jul 22, 2009Modified: Jun 25, 2025

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT.

Affected (2)

Mozilla
2 products
Firefox
Thunderbird
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Firefox
Before 3.0.12
Thunderbird
Up to 3.0.11

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (50)

Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Not ApplicableVendor Advisory
Source: secalert@redhat.com
Not ApplicableVendor Advisory
Source: secalert@redhat.com
Not ApplicablePatchVendor Advisory
Source: secalert@redhat.com
Not ApplicableVendor Advisory
Source: secalert@redhat.com
Not Applicable
Source: secalert@redhat.com
Not Applicable
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Broken LinkPatch
Source: secalert@redhat.com
Broken LinkVendor Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
ExploitIssue TrackingVendor Advisory
Source: secalert@redhat.com
Broken LinkExploit
Source: secalert@redhat.com
Issue TrackingPatchVendor Advisory
Source: secalert@redhat.com
Issue TrackingVendor Advisory
Source: secalert@redhat.com
Broken Link
Source: secalert@redhat.com
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicableVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicableVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicablePatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not ApplicableVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploit
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.