Home > Vulnerability Database > CVE-2009-0775

Mend.io Vulnerability Database

CVE-2009-0775

Date: March 4, 2009

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.

Severity Score

9.8

Related Resources (31)

Url: http://secunia.com/advisories/34137

Url: http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html

Url: http://www.securitytracker.com/id?1021796

Url: http://www.debian.org/security/2009/dsa-1751

Url: http://secunia.com/advisories/34417

Url: http://secunia.com/advisories/34272

Url: http://www.redhat.com/support/errata/RHSA-2009-0315.html

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html

Url: http://www.securityfocus.com/bid/33990

Url: http://www.mozilla.org/security/announce/2009/mfsa2009-08.html

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0775

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816

Url: http://secunia.com/advisories/34324

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:075

Url: http://www.vupen.com/english/advisories/2009/0632

Url: http://www.redhat.com/support/errata/RHSA-2009-0325.html

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=474456

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681

Url: http://secunia.com/advisories/34140

Url: http://secunia.com/advisories/34383

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0775

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584

Url: http://secunia.com/advisories/34145

Url: http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document

Url: http://www.redhat.com/support/errata/RHSA-2009-0258.html

Url: http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm

Url: https://access.redhat.com/security/cve/CVE-2009-0775

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806

Url: https://www.mend.io/vulnerability-database/CVE-2009-0775

Severity Score

9.8

Weakness Type (CWE)

Resource Management Errors

CWE-399

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	10.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-0775

Date: March 4, 2009

Severity Score

Related Resources (31)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?