Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Linux) Network Vulnerability

Summary

This host is installed with Mozilla Firefox and is prone to Denial of Service vulnerability.

Impact

Denial of Service or arbitrary code execution. Impact Level: Application/System

Solution

Upgrade to Firefox version 3.0.15 http://www.mozilla.com/en-US/firefox/all.html

Insight

A memory corruption error in layout/base/nsCSSFrameConstructor.cpp in the browser engine can be exploited to potentially execute arbitrary code or crash the browser.

Affected

Firefox version 3.0 before 3.0.15 on Linux.

References

http://www.mozilla.org/security/announce/2009/mfsa2009-64.html
https://bugzilla.mozilla.org/show_bug.cgi?id=514960

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3382
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ClamAV Multiple Vulnerabilities (Linux)
AppSocket DoS
BlackIce DoS (ping flood)
Firefox XSL Parsing Vulnerability (Linux)
Adobe Flash Media Server Multiple Denial of Service Vulnerabilities

Take action and discover your vulnerabilities