Detections
Analytics
CVE-2009-3075
high
Description
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to use of mutable strings in the js_StringReplaceHelper function in js/src/jsstr.cpp, and unknown vectors.
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11365
https://exchange.xforce.ibmcloud.com/vulnerabilities/53158
https://bugzilla.mozilla.org/show_bug.cgi?id=505305
https://bugzilla.mozilla.org/show_bug.cgi?id=441714
http://www.vupen.com/english/advisories/2010/0650
http://www.vupen.com/english/advisories/2010/0648
http://www.ubuntu.com/usn/USN-915-1
http://www.securityfocus.com/bid/36343
http://www.redhat.com/support/errata/RHSA-2010-0154.html
http://www.redhat.com/support/errata/RHSA-2010-0153.html
http://www.redhat.com/support/errata/RHSA-2009-1432.html
http://www.redhat.com/support/errata/RHSA-2009-1431.html
http://www.redhat.com/support/errata/RHSA-2009-1430.html
http://www.novell.com/linux/security/advisories/2009_48_firefox.html
http://www.mozilla.org/security/announce/2010/mfsa2010-07.html
http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
http://www.debian.org/security/2009/dsa-1885
http://secunia.com/advisories/39001
http://secunia.com/advisories/38977
http://secunia.com/advisories/37098
http://secunia.com/advisories/36692
http://secunia.com/advisories/36671
http://secunia.com/advisories/36670
http://secunia.com/advisories/36669
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html