Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Linux) Network Vulnerability

Summary

This host is installed with Mozilla Firefox and is prone to Denial of Service vulnerability.

Impact

Denial of Service or arbitrary code execution. Impact Level: Application/System

Solution

Upgrade to Firefox version 3.0.15 http://www.mozilla.com/en-US/firefox/all.html

Insight

A memory corruption error in layout/base/nsCSSFrameConstructor.cpp in the browser engine can be exploited to potentially execute arbitrary code or crash the browser.

Affected

Firefox version 3.0 before 3.0.15 on Linux.

References

http://www.mozilla.org/security/announce/2009/mfsa2009-64.html
https://bugzilla.mozilla.org/show_bug.cgi?id=514960

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3382

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Active Perl Denial of Service Vulnerability (Windows)
Easy RM to MP3 Converter Buffer Overflow Vulnerability
Asterisk PBX NULL Pointer Dereference Overflow
Apache 'mod_deflate' Denial Of Service Vulnerability - July09
cfengine AuthenticationDialogue vulnerability

Take action and discover your vulnerabilities