10

CVE-2009-0775

EPSS 6.59%
Published 05.03.2009 02:30:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.

Affected products Warnungen 0 Metrics 2 CWE 0 References 30

Data is provided by the National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 3.0.6

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Firefox Version1.0.4

Mozilla ≫ Firefox Version1.0.5

Mozilla ≫ Firefox Version1.0.6

Mozilla ≫ Firefox Version1.0.7

Mozilla ≫ Firefox Version1.0.8

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Firefox Version1.5.0.5

Mozilla ≫ Firefox Version1.5.0.6

Mozilla ≫ Firefox Version1.5.0.7

Mozilla ≫ Firefox Version1.5.0.8

Mozilla ≫ Firefox Version1.5.0.9

Mozilla ≫ Firefox Version1.5.0.10

Mozilla ≫ Firefox Version1.5.0.11

Mozilla ≫ Firefox Version1.5.0.12

Mozilla ≫ Firefox Version2.0

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Firefox Version2.0.0.2

Mozilla ≫ Firefox Version2.0.0.3

Mozilla ≫ Firefox Version2.0.0.4

Mozilla ≫ Firefox Version2.0.0.5

Mozilla ≫ Firefox Version2.0.0.6

Mozilla ≫ Firefox Version2.0.0.7

Mozilla ≫ Firefox Version2.0.0.8

Mozilla ≫ Firefox Version2.0.0.9

Mozilla ≫ Firefox Version2.0.0.10

Mozilla ≫ Firefox Version2.0.0.11

Mozilla ≫ Firefox Version2.0.0.12

Mozilla ≫ Firefox Version2.0.0.13

Mozilla ≫ Firefox Version2.0.0.14

Mozilla ≫ Firefox Version2.0.0.15

Mozilla ≫ Firefox Version2.0.0.16

Mozilla ≫ Firefox Version2.0.0.17

Mozilla ≫ Firefox Version2.0.0.18

Mozilla ≫ Firefox Version2.0.0.19

Mozilla ≫ Firefox Version2.0.0.20

Mozilla ≫ Firefox Version3.0

Mozilla ≫ Firefox Version3.0.1

Mozilla ≫ Firefox Version3.0.2

Mozilla ≫ Firefox Version3.0.3

Mozilla ≫ Firefox Version3.0.4

Mozilla ≫ Firefox Version3.0.5

Mozilla ≫ Seamonkey Version <= 1.1.14

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Seamonkey Version1.0.3

Mozilla ≫ Seamonkey Version1.0.5

Mozilla ≫ Seamonkey Version1.0.6

Mozilla ≫ Seamonkey Version1.0.7

Mozilla ≫ Seamonkey Version1.0.8

Mozilla ≫ Seamonkey Version1.0.9

Mozilla ≫ Seamonkey Version1.1

Mozilla ≫ Seamonkey Version1.1 Updatealpha

Mozilla ≫ Seamonkey Version1.1 Updatebeta

Mozilla ≫ Seamonkey Version1.1.1

Mozilla ≫ Seamonkey Version1.1.2

Mozilla ≫ Seamonkey Version1.1.3

Mozilla ≫ Seamonkey Version1.1.4

Mozilla ≫ Seamonkey Version1.1.5

Mozilla ≫ Seamonkey Version1.1.6

Mozilla ≫ Seamonkey Version1.1.7

Mozilla ≫ Seamonkey Version1.1.8

Mozilla ≫ Seamonkey Version1.1.9

Mozilla ≫ Seamonkey Version1.1.10

Mozilla ≫ Seamonkey Version1.1.11

Mozilla ≫ Seamonkey Version1.1.12

Mozilla ≫ Seamonkey Version1.1.13

Mozilla ≫ Thunderbird Version <= 2.0.0.20

Mozilla ≫ Thunderbird Version2.0.0.0

Mozilla ≫ Thunderbird Version2.0.0.4

Mozilla ≫ Thunderbird Version2.0.0.5

Mozilla ≫ Thunderbird Version2.0.0.6

Mozilla ≫ Thunderbird Version2.0.0.9

Mozilla ≫ Thunderbird Version2.0.0.12

Mozilla ≫ Thunderbird Version2.0.0.14

Mozilla ≫ Thunderbird Version2.0.0.16

Mozilla ≫ Thunderbird Version2.0.0.17

Mozilla ≫ Thunderbird Version2.0.0.18

Mozilla ≫ Thunderbird Version2.0.0.19

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.59%	0.902

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/34324

http://secunia.com/advisories/34417

http://www.redhat.com/support/errata/RHSA-2009-0258.html

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html

http://secunia.com/advisories/34137

http://secunia.com/advisories/34140

http://secunia.com/advisories/34145

http://secunia.com/advisories/34272

http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm

http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document

http://www.mandriva.com/security/advisories?name=MDVSA-2009:075

http://www.redhat.com/support/errata/RHSA-2009-0315.html

http://www.redhat.com/support/errata/RHSA-2009-0325.html

http://www.securityfocus.com/bid/33990

http://www.vupen.com/english/advisories/2009/0632

http://secunia.com/advisories/34383

http://www.debian.org/security/2009/dsa-1751

http://www.mozilla.org/security/announce/2009/mfsa2009-08.html

http://www.securitytracker.com/id?1021796

https://bugzilla.mozilla.org/show_bug.cgi?id=474456

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681

https://nvd.nist.gov/vuln/detail/CVE-2009-0775

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0775

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0775

EUVD