Vulnerability-Lookup

CVE-2009-2462 (GCVE-0-2009-2462)

Vulnerability from cvelistv5 – Published: 2009-07-22 18:00 – Updated: 2024-08-07 05:52

Summary

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.redhat.com/support/errata/RHSA-2010-01…	vendor-advisoryx_refsource_REDHAT
	https://bugzilla.mozilla.org/show_bug.cgi?id=463350	x_refsource_CONFIRM
	https://bugzilla.mozilla.org/show_bug.cgi?id=468211	x_refsource_CONFIRM
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://secunia.com/advisories/36145	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/35944	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.mozilla.org/show_bug.cgi?id=461861	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0650	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/35943	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.mozilla.org/show_bug.cgi?id=442227	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2009-1162.html	vendor-advisoryx_refsource_REDHAT
	http://www.mozilla.org/security/announce/2009/mfs…	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-01…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://bugzilla.mozilla.org/show_bug.cgi?id=466763	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/35758	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2009/2152	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/36005	third-party-advisoryx_refsource_SECUNIA
	https://bugzilla.mozilla.org/show_bug.cgi?id=445177	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2009-1163.html	vendor-advisoryx_refsource_REDHAT
	https://bugzilla.mozilla.org/show_bug.cgi?id=472668	x_refsource_CONFIRM
	http://secunia.com/advisories/35947	third-party-advisoryx_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://bugzilla.mozilla.org/show_bug.cgi?id=472950	x_refsource_CONFIRM
	https://bugzilla.mozilla.org/show_bug.cgi?id=491134	x_refsource_CONFIRM
	http://secunia.com/advisories/35914	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/1972	vdb-entryx_refsource_VUPEN
	https://bugzilla.mozilla.org/show_bug.cgi?id=413085	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:52:15.181Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "265068",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
          },
          {
            "name": "1020800",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
          },
          {
            "name": "RHSA-2010:0153",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
          },
          {
            "name": "FEDORA-2009-7961",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
          },
          {
            "name": "36145",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36145"
          },
          {
            "name": "35944",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35944"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
          },
          {
            "name": "ADV-2010-0650",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0650"
          },
          {
            "name": "35943",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35943"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
          },
          {
            "name": "SUSE-SA:2009:039",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
          },
          {
            "name": "RHSA-2009:1162",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
          },
          {
            "name": "RHSA-2010:0154",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
          },
          {
            "name": "oval:org.mitre.oval:def:10906",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
          },
          {
            "name": "35758",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35758"
          },
          {
            "name": "ADV-2009-2152",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2152"
          },
          {
            "name": "36005",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36005"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
          },
          {
            "name": "RHSA-2009:1163",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
          },
          {
            "name": "35947",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35947"
          },
          {
            "name": "SUSE-SA:2009:042",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
          },
          {
            "name": "35914",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35914"
          },
          {
            "name": "ADV-2009-1972",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1972"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-07-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "265068",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
        },
        {
          "name": "1020800",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
        },
        {
          "name": "RHSA-2010:0153",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
        },
        {
          "name": "FEDORA-2009-7961",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
        },
        {
          "name": "36145",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36145"
        },
        {
          "name": "35944",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35944"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
        },
        {
          "name": "ADV-2010-0650",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0650"
        },
        {
          "name": "35943",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35943"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
        },
        {
          "name": "SUSE-SA:2009:039",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
        },
        {
          "name": "RHSA-2009:1162",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
        },
        {
          "name": "RHSA-2010:0154",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
        },
        {
          "name": "oval:org.mitre.oval:def:10906",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
        },
        {
          "name": "35758",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35758"
        },
        {
          "name": "ADV-2009-2152",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2152"
        },
        {
          "name": "36005",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36005"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
        },
        {
          "name": "RHSA-2009:1163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
        },
        {
          "name": "35947",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35947"
        },
        {
          "name": "SUSE-SA:2009:042",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
        },
        {
          "name": "35914",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35914"
        },
        {
          "name": "ADV-2009-1972",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1972"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-2462",
    "datePublished": "2009-07-22T18:00:00.000Z",
    "dateReserved": "2009-07-15T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:52:15.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2009-ALE-014

Vulnerability from certfr_alerte - Published: 2009-08-07 - Updated: 2013-02-05

De multiples vulnérabilités conduisant, entre autres, à une exécution de code arbitraire à distance ont été découvertes dans Mozilla Thunderbird.

Description

De multiples vulnérabilités sont présentes dans la version 2.0.0.23 et dans les versions antérieures du client de messagerie Mozilla Thunderbrid. Ces vulnérabilités permettent de réaliser des actions malveillantes telles que le contournement de la politique de sécurité, l'élévation de privilège, ou encore l'exécution de code arbitraire à distance.

Pour le détail de chaque vulnérabilité, se reporter aux bulletins de sécurité de l'éditeur (cf. section Documentation).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Mozilla	Thunderbird	Mozilla Thunderbird version 2.0.0.23 et versions antérieures.

References

Title

Publication Time

Tags

Bulletins de sécurité Mozilla MFSA2009-18, MFSA2009-19, MFSA2009-31,	None	vendor-advisory
MFSA2009-34, MFSA2009-42, MFSA2009-43	None	vendor-advisory
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-19 du 21 avril 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-34 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-42 du 01 août 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-43 du 01 août 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-18 du 21 avril 2009 :	-	other
Bulletin d'actualité du CERTA numéro CERTA-2009-ACT-032 du 07 août 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla 2009/mfsa2009-31 du 11 juin 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mozilla Thunderbird version 2.0.0.23 et versions ant\u00e9rieures.",
      "product": {
        "name": "Thunderbird",
        "vendor": {
          "name": "Mozilla",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2013-02-05",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s sont pr\u00e9sentes dans la version 2.0.0.23 et\ndans les versions ant\u00e9rieures du client de messagerie Mozilla\nThunderbrid. Ces vuln\u00e9rabilit\u00e9s permettent de r\u00e9aliser des actions\nmalveillantes telles que le contournement de la politique de s\u00e9curit\u00e9,\nl\u0027\u00e9l\u00e9vation de privil\u00e8ge, ou encore l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n\nPour le d\u00e9tail de chaque vuln\u00e9rabilit\u00e9, se reporter aux bulletins de\ns\u00e9curit\u00e9 de l\u0027\u00e9diteur (cf. section Documentation).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2464"
    },
    {
      "name": "CVE-2009-2466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2466"
    },
    {
      "name": "CVE-2009-1308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1308"
    },
    {
      "name": "CVE-2009-2465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2465"
    },
    {
      "name": "CVE-2009-2462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2462"
    },
    {
      "name": "CVE-2009-2463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2463"
    },
    {
      "name": "CVE-2009-2404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2404"
    },
    {
      "name": "CVE-2009-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1840"
    },
    {
      "name": "CVE-2009-2408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2408"
    },
    {
      "name": "CVE-2009-1309",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1309"
    }
  ],
  "initial_release_date": "2009-08-07T00:00:00",
  "last_revision_date": "2013-02-05T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-19 du 21 avril 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-19.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-34 du 21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-42 du 01 ao\u00fbt 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-42.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-43 du 01 ao\u00fbt 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-43.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-18 du 21 avril 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-18.html"
    },
    {
      "title": "Bulletin d\u0027actualit\u00e9 du CERTA num\u00e9ro CERTA-2009-ACT-032 du    07 ao\u00fbt 2009 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2009-ACT-032/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla    2009/mfsa2009-31 du 11 juin 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-31.html"
    }
  ],
  "reference": "CERTA-2009-ALE-014",
  "revisions": [
    {
      "description": "version initiale ;",
      "revision_date": "2009-08-07T00:00:00.000000"
    },
    {
      "description": "prise en compte de la version 2.0.0.23 ;",
      "revision_date": "2009-08-25T00:00:00.000000"
    },
    {
      "description": "fermeture de l\u0027alerte, suite \u00e0 la correction de l\u0027\u00e9diteur.",
      "revision_date": "2013-02-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s conduisant, entre autres, \u00e0 une ex\u00e9cution de\ncode arbitraire \u00e0 distance ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Thunderbird.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s du client de messagerie Mozilla Thunderbird",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Mozilla MFSA2009-18, MFSA2009-19, MFSA2009-31,",
      "url": null
    },
    {
      "published_at": null,
      "title": "MFSA2009-34, MFSA2009-42, MFSA2009-43",
      "url": null
    }
  ]
}

GHSA-GPHM-8F5H-PV33

Vulnerability from github – Published: 2022-05-02 03:35 – Updated: 2022-05-02 03:35

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-2462"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-07-22T18:30:00Z",
    "severity": "HIGH"
  },
  "details": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.",
  "id": "GHSA-gphm-8f5h-pv33",
  "modified": "2022-05-02T03:35:33Z",
  "published": "2022-05-02T03:35:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2462"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35914"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35943"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35944"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/35947"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36005"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36145"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
    },
    {
      "type": "WEB",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/35758"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1972"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/2152"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0650"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-2462

Vulnerability from fkie_nvd - Published: 2009-07-22 18:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2009-1162.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2009-1163.html
secalert@redhat.com	http://secunia.com/advisories/35914	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/35943	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/35944	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/35947	Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/36005
secalert@redhat.com	http://secunia.com/advisories/36145
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1
secalert@redhat.com	http://www.mozilla.org/security/announce/2009/mfsa2009-34.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2010-0153.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2010-0154.html
secalert@redhat.com	http://www.securityfocus.com/bid/35758	Patch
secalert@redhat.com	http://www.vupen.com/english/advisories/2009/1972	Patch, Vendor Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2009/2152
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/0650
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=413085
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=442227
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=445177
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=461861
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=463350
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=466763
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=468211
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=472668
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=472950
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=491134
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2009-1162.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2009-1163.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35914	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35943	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35944	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35947	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36005
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36145
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2009/mfsa2009-34.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0153.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0154.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/35758	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1972	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2152
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0650
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=413085
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=442227
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=445177
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=461861
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=463350
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=466763
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=468211
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=472668
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=472950
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=491134
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html

Impacted products

Vendor	Product	Version
mozilla	firefox	*
mozilla	firefox	0.1
mozilla	firefox	0.2
mozilla	firefox	0.3
mozilla	firefox	0.4
mozilla	firefox	0.5
mozilla	firefox	0.6
mozilla	firefox	0.6.1
mozilla	firefox	0.7
mozilla	firefox	0.7.1
mozilla	firefox	0.8
mozilla	firefox	0.9
mozilla	firefox	0.9
mozilla	firefox	0.9.1
mozilla	firefox	0.9.2
mozilla	firefox	0.9.3
mozilla	firefox	0.9_rc
mozilla	firefox	0.10
mozilla	firefox	0.10.1
mozilla	firefox	1.0
mozilla	firefox	1.0
mozilla	firefox	1.0.1
mozilla	firefox	1.0.2
mozilla	firefox	1.0.3
mozilla	firefox	1.0.4
mozilla	firefox	1.0.5
mozilla	firefox	1.0.6
mozilla	firefox	1.0.6
mozilla	firefox	1.0.7
mozilla	firefox	1.0.8
mozilla	firefox	1.4.1
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5
mozilla	firefox	1.5.0.1
mozilla	firefox	1.5.0.2
mozilla	firefox	1.5.0.3
mozilla	firefox	1.5.0.4
mozilla	firefox	1.5.0.5
mozilla	firefox	1.5.0.6
mozilla	firefox	1.5.0.7
mozilla	firefox	1.5.0.8
mozilla	firefox	1.5.0.9
mozilla	firefox	1.5.0.10
mozilla	firefox	1.5.0.11
mozilla	firefox	1.5.0.12
mozilla	firefox	1.5.1
mozilla	firefox	1.5.2
mozilla	firefox	1.5.3
mozilla	firefox	1.5.4
mozilla	firefox	1.5.5
mozilla	firefox	1.5.6
mozilla	firefox	1.5.7
mozilla	firefox	1.5.8
mozilla	firefox	1.8
mozilla	firefox	2.0
mozilla	firefox	2.0
mozilla	firefox	2.0
mozilla	firefox	2.0
mozilla	firefox	2.0
mozilla	firefox	2.0.0.1
mozilla	firefox	2.0.0.2
mozilla	firefox	2.0.0.3
mozilla	firefox	2.0.0.4
mozilla	firefox	2.0.0.5
mozilla	firefox	2.0.0.6
mozilla	firefox	2.0.0.7
mozilla	firefox	2.0.0.8
mozilla	firefox	2.0.0.9
mozilla	firefox	2.0.0.10
mozilla	firefox	2.0.0.11
mozilla	firefox	2.0.0.12
mozilla	firefox	2.0.0.13
mozilla	firefox	2.0.0.14
mozilla	firefox	2.0.0.15
mozilla	firefox	2.0.0.16
mozilla	firefox	2.0.0.17
mozilla	firefox	2.0.0.18
mozilla	firefox	2.0.0.19
mozilla	firefox	2.0.0.20
mozilla	firefox	2.0.0.21
mozilla	firefox	2.0_.1
mozilla	firefox	2.0_.4
mozilla	firefox	2.0_.5
mozilla	firefox	2.0_.6
mozilla	firefox	2.0_.7
mozilla	firefox	2.0_.9
mozilla	firefox	2.0_.10
mozilla	firefox	2.0_8
mozilla	firefox	3.0
mozilla	firefox	3.0
mozilla	firefox	3.0
mozilla	firefox	3.0
mozilla	firefox	3.0.1
mozilla	firefox	3.0.2
mozilla	firefox	3.0.3
mozilla	firefox	3.0.4
mozilla	firefox	3.0.5
mozilla	firefox	3.0.6
mozilla	firefox	3.0.7
mozilla	firefox	3.0.8
mozilla	firefox	3.0.9
mozilla	firefox	3.0.10
mozilla	thunderbird	2.0.0.0
mozilla	thunderbird	2.0.0.1
mozilla	thunderbird	2.0.0.2
mozilla	thunderbird	2.0.0.3
mozilla	thunderbird	2.0.0.4
mozilla	thunderbird	2.0.0.5
mozilla	thunderbird	2.0.0.6
mozilla	thunderbird	2.0.0.7
mozilla	thunderbird	2.0.0.8
mozilla	thunderbird	2.0.0.9
mozilla	thunderbird	2.0.0.11
mozilla	thunderbird	2.0.0.12
mozilla	thunderbird	2.0.0.13
mozilla	thunderbird	2.0.0.14
mozilla	thunderbird	2.0.0.15
mozilla	thunderbird	2.0.0.16
mozilla	thunderbird	2.0.0.17
mozilla	thunderbird	2.0.0.18
mozilla	thunderbird	2.0.0.19
mozilla	thunderbird	2.0.0.20
mozilla	thunderbird	2.0.0.21

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF3C1ED-A009-4168-B928-F186006139BC",
              "versionEndIncluding": "3.0.11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7AA88B-638A-451A-B235-A1A1444BE417",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C01AD7C-8470-47AB-B8AE-670E3A381E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E43F2F1-9252-4B44-8A61-D05305915A5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB9D48B-DC7B-4D92-BB26-B6DE629A2506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A360D595-A829-4DDE-932E-9995626917E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E9B5349-FAA7-4CDA-9533-1AD1ACDFAC4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "07243837-C353-4C25-A5B1-4DA32807E97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B832C034-F793-415F-BFC8-D97A18BA6BC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83CD1A13-66CB-49CC-BD84-5D8334DB774A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
              "matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*",
              "matchCriteriaId": "E15536D0-B6A3-4106-8196-021724324CAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
              "matchCriteriaId": "438AACF8-006F-4522-853F-30DBBABD8C15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*",
              "matchCriteriaId": "659F5DAF-D54F-43FB-AB2A-3FC7D456B434",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18A45C0-419C-4723-AB7D-5880EF668CE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB35099-B04E-4796-A25D-953329FE62F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C30ACBCA-4FA1-46DE-8F15-4830BC27E160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9453EF65-7C69-449E-BF7C-4FECFB56713E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AA75825-21CF-475B-8040-126A13FA2216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA97C80E-17FA-4866-86CE-29886145ED80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE24BED-202E-416D-B5F2-8207D97B9939",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "04198E04-CE1D-4A5A-A20C-D1E135B45F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "717DB967-F658-4699-A224-5B261BFEC10A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*",
              "matchCriteriaId": "F61EA4A1-1916-48A5-8196-E3CDEF3108F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "A956C036-1E47-49B2-A971-69868A510B75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "F5AA254D-D41E-464F-9E2A-A950F08C6946",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "B05D2655-6641-42BE-9793-30005AC9D40D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "863C140E-DC15-4A88-AB8A-8AEF9F4B8164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "38CD049A-5333-4FF7-AD34-6B74E19BADCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0066576D-D66A-4B59-B5C3-471EEBEE8B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "60ED6DAA-9194-4829-BC1A-00F04BE7930A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "13BEB9A6-EFD5-4793-9603-84DB84F1CF7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "461163C6-4CA8-4BA9-95A1-136E612CBA6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "275E9D96-1290-44AB-BF9B-E9E4A803F593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "140EFF03-09CB-436E-AF3F-1CEEFF4D3F1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "23D609B2-F66C-40F1-B7D9-965189F875A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "327D8879-0B61-4681-886D-C53BE251E0ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "59017F18-6C4E-4803-8A65-DB2A849C3197",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF006282-943B-4885-B523-6E575D664059",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "26356AB4-1C06-4E16-BAC1-B6A41626A222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC11707-DF87-4046-964D-40CF22385A48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F73F1171-E34D-4AC0-BF8B-3DB38AA13EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0422C796-ECC4-42C1-9580-1CE22A096244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "412DF091-7604-4110-87A0-3488116A97E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "7A1DE6AC-C6AA-4B27-AC21-3293E5357A7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "13AAF607-AEEE-4FAF-BE63-73B1D951EF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "20139741-10B1-4E4B-8D5F-A715042049C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAF2E696-883D-4DE5-8B79-D8E5D9470253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E04FD9-38E8-462D-82C2-729F7F7F0465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC60781-766B-4B9C-B68D-45D51C5E5D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "745C2CBA-4824-441B-A6BC-E80959C2E035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C6A7D00-A203-4891-96CE-20C91FCBF048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8CB480-0595-4BC1-998E-3638E85DB367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC7EAB8D-CA40-4C29-99DF-24FF1753BCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9218A9-DA27-436A-AC93-F465FC14ECF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66503D7-72CB-42A5-8C85-D9579EF2C0A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD7D204-3EBA-4D9E-B95A-86524B4C03D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FBBF526-7A28-436B-9B01-EADE913602B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B373B409-0939-4707-99F1-95B121BFF7FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "75A0BCE3-38E7-4318-9A7E-3D895171129A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80CA1DE-B920-4E28-BEFC-574148D19A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "2303104C-4A91-4704-A9CB-8C83A859090E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DCDAA51-4AA3-4EC4-B441-71FB3C3304F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "04CA7AD2-79BA-4A73-ADAB-E3BCA3FD7F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D54ACD07-FAB7-4513-A707-18FAF7D565C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7260CE1F-501D-44FF-A3FA-2137CA01733B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D3DD1B-64DF-46C8-80A3-99D2E34B665F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DF479C3-95A0-414F-B47B-C94BE95713D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48702EEB-C272-46ED-9C61-6F44D6964DDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC650D89-CEEC-4A90-B3B9-5F0ADCEFCBB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition."
    },
    {
      "lang": "es",
      "value": "El motor de b\u00fasqueda en Mozilla Firefox anteriores v3.0.12 y Thunderbird permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de vectores relacionados con (1) el frame chain y synchronous events, (2) una insercci\u00f3n SetMayHaveFrame y nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) la lista hijo e initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, y (10) nsContentUtils::ComparePosition."
    }
  ],
  "id": "CVE-2009-2462",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-07-22T18:30:00.187",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35914"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35943"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35944"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35947"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/36005"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/36145"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35758"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1972"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/2152"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/0650"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35943"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35944"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/35947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36005"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/36145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/35758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/2152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2009-AVI-290

Vulnerability from certfr_avis - Published: 2009-07-24 - Updated: 2009-07-24

De mulitples vulnérabilités ont été découvertes dans Mozilla Firefox et permettent à une personne malintentionnée distante d'effectuer des injections de code indirectes et d'exécuter du code arbitraire.

Description

Plusieurs vulnérabilités dans Mozilla Firefox ont été découvertes :

plusieurs erreurs dans la gestion de la mémoire ont été corrigées ;
une erreur dans l'intégration du module Flash permet une exécution de code arbitraire à distance ;
une erreur dans la gestion de certaines polices de caractères permet à une personne distante malveillante d'exécuter du code arbitraire ;
un problème relatif aux éléments SVG (Scalable Vector Graphics) peut conduire à une exécution de code arbitraire à distance ;
une exécution de code arbitraire est possible via la fonction setTimeout() dans certaines conditions ;
des injections de code indirectes peuvent être menées par l'intermédaire de certains objets.

Solution

Se référer aux bulletins de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mozilla Firefox versions antérieures à la 3.5.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité MFSA2009-34 à MFSA2009-40 du 21 juillet 2009	None	vendor-advisory
Bulletin de sécurité de la fondation Mozilla MFSA2009-37 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-35 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-38 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-39 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-36 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-34 du 21 juillet 2009 :	-	other
Bulletin de sécurité de la fondation Mozilla MFSA2009-40 du 21 juillet 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMozilla Firefox versions ant\u00e9rieures \u00e0 la 3.5.1.\u003c/P\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans Mozilla Firefox ont \u00e9t\u00e9 d\u00e9couvertes :\n\n-   plusieurs erreurs dans la gestion de la m\u00e9moire ont \u00e9t\u00e9 corrig\u00e9es ;\n-   une erreur dans l\u0027int\u00e9gration du module Flash permet une ex\u00e9cution\n    de code arbitraire \u00e0 distance ;\n-   une erreur dans la gestion de certaines polices de caract\u00e8res permet\n    \u00e0 une personne distante malveillante d\u0027ex\u00e9cuter du code arbitraire ;\n-   un probl\u00e8me relatif aux \u00e9l\u00e9ments SVG (Scalable Vector Graphics) peut\n    conduire \u00e0 une ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   une ex\u00e9cution de code arbitraire est possible via la fonction\n    setTimeout() dans certaines conditions ;\n-   des injections de code indirectes peuvent \u00eatre men\u00e9es par\n    l\u0027interm\u00e9daire de certains objets.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2471"
    },
    {
      "name": "CVE-2009-2467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2467"
    },
    {
      "name": "CVE-2009-2466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2466"
    },
    {
      "name": "CVE-2009-2468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2468"
    },
    {
      "name": "CVE-2009-2465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2465"
    },
    {
      "name": "CVE-2009-2472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2472"
    },
    {
      "name": "CVE-2009-2464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2464"
    },
    {
      "name": "CVE-2009-2463",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2463"
    },
    {
      "name": "CVE-2009-1194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1194"
    },
    {
      "name": "CVE-2009-2462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2462"
    },
    {
      "name": "CVE-2009-2469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2469"
    }
  ],
  "initial_release_date": "2009-07-24T00:00:00",
  "last_revision_date": "2009-07-24T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-37 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-37.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-35 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-35.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-38 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-38.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-39 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-39.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-36 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-36.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-34 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 de la fondation Mozilla MFSA2009-40 du    21 juillet 2009 :",
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-40.html"
    }
  ],
  "reference": "CERTA-2009-AVI-290",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-07-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De mulitples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Mozilla Firefox et\npermettent \u00e0 une personne malintentionn\u00e9e distante d\u0027effectuer des\ninjections de code indirectes et d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Mulitples vuln\u00e9rabilit\u00e9s dans Mozilla Firefox",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 MFSA2009-34 \u00e0 MFSA2009-40 du 21 juillet 2009",
      "url": null
    }
  ]
}

GSD-2009-2462

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-2462

Aliases

CVE-2009-2462

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-2462",
    "description": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.",
    "id": "GSD-2009-2462",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-2462.html",
      "https://www.debian.org/security/2009/dsa-1840",
      "https://access.redhat.com/errata/RHSA-2010:0154",
      "https://access.redhat.com/errata/RHSA-2010:0153",
      "https://access.redhat.com/errata/RHSA-2009:1163",
      "https://access.redhat.com/errata/RHSA-2009:1162",
      "https://linux.oracle.com/cve/CVE-2009-2462.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-2462"
      ],
      "details": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.",
      "id": "GSD-2009-2462",
      "modified": "2023-12-13T01:19:47.126898Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2009-2462",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2009/2152",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2009/2152"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2009-1162.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
          },
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2009-1163.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
          },
          {
            "name": "http://secunia.com/advisories/35914",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/35914"
          },
          {
            "name": "http://secunia.com/advisories/35943",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/35943"
          },
          {
            "name": "http://secunia.com/advisories/35944",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/35944"
          },
          {
            "name": "http://secunia.com/advisories/35947",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/35947"
          },
          {
            "name": "http://secunia.com/advisories/36005",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/36005"
          },
          {
            "name": "http://secunia.com/advisories/36145",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/36145"
          },
          {
            "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html",
            "refsource": "MISC",
            "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2010-0153.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2010-0154.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/35758",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/35758"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2009/1972",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2009/1972"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/0650",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/0650"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
          },
          {
            "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134",
            "refsource": "MISC",
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.0.11",
                "vulnerable": false
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2009-2462"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2009:1163",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1163.html"
            },
            {
              "name": "35947",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35947"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472950"
            },
            {
              "name": "35943",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35943"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=472668"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-34.html"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=413085"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=442227"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=466763"
            },
            {
              "name": "35944",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35944"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=463350"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=491134"
            },
            {
              "name": "35758",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/35758"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=468211"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=445177"
            },
            {
              "name": "RHSA-2009:1162",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1162.html"
            },
            {
              "name": "35914",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/35914"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461861"
            },
            {
              "name": "ADV-2009-1972",
              "refsource": "VUPEN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1972"
            },
            {
              "name": "FEDORA-2009-7961",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg01032.html"
            },
            {
              "name": "265068",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1"
            },
            {
              "name": "36145",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36145"
            },
            {
              "name": "ADV-2009-2152",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2009/2152"
            },
            {
              "name": "SUSE-SA:2009:042",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html"
            },
            {
              "name": "36005",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/36005"
            },
            {
              "name": "SUSE-SA:2009:039",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html"
            },
            {
              "name": "RHSA-2010:0153",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0153.html"
            },
            {
              "name": "ADV-2010-0650",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/0650"
            },
            {
              "name": "RHSA-2010:0154",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0154.html"
            },
            {
              "name": "1020800",
              "refsource": "SUNALERT",
              "tags": [],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1"
            },
            {
              "name": "oval:org.mitre.oval:def:10906",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10906"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2009-07-22T18:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-2462 (GCVE-0-2009-2462)

CERTA-2009-ALE-014

Description

Solution

GHSA-GPHM-8F5H-PV33

FKIE_CVE-2009-2462

CERTA-2009-AVI-290

Description

Solution

GSD-2009-2462

Tags

Sightings

Nomenclature