fkie_nvd - fkie_cve-2009-1304

fkie_cve-2009-1304

Vulnerability from fkie_nvd

Published

2009-04-22 18:30

Modified

2025-04-09 00:30

Severity ?

Summary

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration.

References

URL	Tags
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhat.com	http://secunia.com/advisories/34758
secalert@redhat.com	http://secunia.com/advisories/34780
secalert@redhat.com	http://secunia.com/advisories/34843
secalert@redhat.com	http://secunia.com/advisories/34894
secalert@redhat.com	http://secunia.com/advisories/35042
secalert@redhat.com	http://secunia.com/advisories/35065
secalert@redhat.com	http://secunia.com/advisories/35602
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1
secalert@redhat.com	http://www.debian.org/security/2009/dsa-1797
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2009:111
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2009:141
secalert@redhat.com	http://www.mozilla.org/security/announce/2009/mfsa2009-14.html	Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2009-0436.html
secalert@redhat.com	http://www.securityfocus.com/bid/34656
secalert@redhat.com	http://www.securitytracker.com/id?1022090
secalert@redhat.com	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275
secalert@redhat.com	http://www.vupen.com/english/advisories/2009/1125
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=461158	Exploit
secalert@redhat.com	https://bugzilla.mozilla.org/show_bug.cgi?id=475971	Exploit
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5319
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5480
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6015
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7516
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9535
secalert@redhat.com	https://usn.ubuntu.com/764-1/
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34758
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34780
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34843
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34894
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35042
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35065
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/35602
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1797
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:111
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2009:141
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2009/mfsa2009-14.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2009-0436.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34656
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022090
af854a3a-2127-422b-91ae-364da2661108	http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1125
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=461158	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=475971	Exploit
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5319
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5480
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6015
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7516
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9535
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/764-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html

Impacted products

Vendor	Product	Version
mozilla	firefox	3.0
mozilla	firefox	3.0.1
mozilla	firefox	3.0.2
mozilla	firefox	3.0.3
mozilla	firefox	3.0.4
mozilla	firefox	3.0.5
mozilla	firefox	3.0.6
mozilla	firefox	3.0.7
mozilla	firefox	3.0.8
mozilla	seamonkey	*
mozilla	seamonkey	1.0
mozilla	seamonkey	1.0.1
mozilla	seamonkey	1.0.2
mozilla	seamonkey	1.0.3
mozilla	seamonkey	1.0.5
mozilla	seamonkey	1.0.6
mozilla	seamonkey	1.0.7
mozilla	seamonkey	1.0.8
mozilla	seamonkey	1.0.9
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1
mozilla	seamonkey	1.1.1
mozilla	seamonkey	1.1.2
mozilla	seamonkey	1.1.3
mozilla	seamonkey	1.1.4
mozilla	seamonkey	1.1.5
mozilla	seamonkey	1.1.6
mozilla	seamonkey	1.1.7
mozilla	seamonkey	1.1.8
mozilla	seamonkey	1.1.9
mozilla	seamonkey	1.1.10
mozilla	seamonkey	1.1.11
mozilla	seamonkey	1.1.12
mozilla	seamonkey	1.1.14
mozilla	seamonkey	1.1.15
mozilla	thunderbird	*
mozilla	thunderbird	1.0
mozilla	thunderbird	1.0.1
mozilla	thunderbird	1.0.2
mozilla	thunderbird	1.0.3
mozilla	thunderbird	1.0.4
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.5
mozilla	thunderbird	1.0.6
mozilla	thunderbird	1.0.7
mozilla	thunderbird	1.0.8
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5
mozilla	thunderbird	1.5.0.1
mozilla	thunderbird	1.5.0.2
mozilla	thunderbird	1.5.0.3
mozilla	thunderbird	1.5.0.4
mozilla	thunderbird	1.5.0.5
mozilla	thunderbird	1.5.0.6
mozilla	thunderbird	1.5.0.7
mozilla	thunderbird	1.5.0.8
mozilla	thunderbird	1.5.0.9
mozilla	thunderbird	1.5.0.10
mozilla	thunderbird	1.5.0.11
mozilla	thunderbird	1.5.0.12
mozilla	thunderbird	1.5.0.13
mozilla	thunderbird	1.5.0.14
mozilla	thunderbird	1.5.1
mozilla	thunderbird	1.5.2
mozilla	thunderbird	2.0.0.0
mozilla	thunderbird	2.0.0.4
mozilla	thunderbird	2.0.0.5
mozilla	thunderbird	2.0.0.6
mozilla	thunderbird	2.0.0.9
mozilla	thunderbird	2.0.0.12
mozilla	thunderbird	2.0.0.14
mozilla	thunderbird	2.0.0.16
mozilla	thunderbird	2.0.0.17
mozilla	thunderbird	2.0.0.18
mozilla	thunderbird	2.0.0.20
mozilla	thunderbird	2.0.0.21

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "412DF091-7604-4110-87A0-3488116A97E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "547B206A-36E7-4602-8046-8366BC556AA5",
              "versionEndIncluding": "1.1.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E18FC0-0C8C-4FA1-85B9-B868D00F002F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6521C877-63C9-4B6E-9FC9-1263FFBB7950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D949DF0A-CBC2-40E1-AE6C-60E6F58D2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5CDA57-1A50-4EDB-80E2-D3EBB44EA653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3104343E-93B6-4D4A-BC95-ED9F7E91FB6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "381313EF-DF84-4F66-9962-DE8F45029D79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0228476-14E4-443C-BBAE-2C9CD8594DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A803A500-DCE2-44FC-ABEB-A90A1D39D85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "022274DE-5251-49C9-B6E5-1D8CEDC34E7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9F84CB7-93F7-4912-BC87-497867B96491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "8992E9C6-09B3-492E-B7DA-899D5238EC18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D58B704B-F06E-44C1-BBD1-A090D1E6583A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40270FBD-744A-49D9-9FFA-1DCD897210D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E01097-F60A-4FB2-BA47-84A267EE87D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F65732F-317B-49A2-B9B0-FA1102B8B45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB430F19-069A-43FD-9097-586D4449D327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AD0439-3BFB-4AD1-8E2C-99D0B099FA8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E6D7528-E591-48A6-8165-BE42F8EBF6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA710423-0075-44B8-9DCB-6380FA974486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5521DA3-E6AF-4350-B971-10B4A1C9B1D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD15752-A253-47B1-BCE0-B55B84B47C9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "60B39A9D-44A4-4D7F-9004-C44066BBE277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "F203EC52-2126-4227-AF3B-23857E5BB222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E951567B-8402-42EA-AE33-EBA9235A868F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BFFBC58-ACD2-449D-B010-5026D6022F86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EED5D2-EC40-4253-991B-0C746FBEF6A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "850345D6-2085-4EC4-AE47-FC8E265C61D4",
              "versionEndIncluding": "2.0.0.19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "055D1044-9FC5-45AA-8407-649E96C5AFE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C1C87A5-C14D-4A23-B865-3BB1FCDC8470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4DB0BB-BFD7-4E7A-B3EF-9C5422602216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D56153-E20A-46D8-859E-A51E5C03D674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C51A6F4-F88F-4BF2-BF71-5DC48559C085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFC390CB-774C-47BE-95C3-059943A9E645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "379F6A73-B45F-4094-8167-4E929FFB1749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DE7AC-553B-4524-8B33-5605518449EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B02389-0DCD-45BC-A09F-CB6B75940616",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "41AE4644-2D23-43EA-ABDA-7BE60EFD1EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB87608-0DF8-4729-95C5-CFA386AB3AC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "1A406214-29E5-4E13-B2E1-1CF72F1E60BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C169DA-26BC-42EE-817B-2F0685069495",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C99BAF7-B48E-4402-B2BF-EB07235E402E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F0C73F-291F-4A92-87B8-2269B5C1516D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0ADE8D7-B3C3-4490-9CD5-0263BBA75D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C86FD617-E4FE-4F85-AAA4-4F968A9DEC9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "938B1260-74A7-4CFF-8086-415DCC284430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28672BA-E3C2-40C3-80E1-95B7CDD089E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9308147C-0A23-48BC-BFA9-A49B9D73014E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6654EC3-BED6-4D6D-9B7F-DF4CC8E464BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CAD8DCC-DBB4-40EE-927C-7B0969700077",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "77F9CE47-E3AA-49D7-AEC9-447951AC31E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "581615BB-C781-42CA-836E-0E0EAB8C4504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "257F43FA-D22C-4BF0-A02E-261A54142BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8D63F5-78D5-4F7B-B15A-2C15FC405E27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84BC6D68-4ED4-43CF-A2EB-47BD15D11AE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D291234-D64A-4E8A-A7CD-08BB980E1CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFC60781-766B-4B9C-B68D-45D51C5E5D20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC7EAB8D-CA40-4C29-99DF-24FF1753BCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9218A9-DA27-436A-AC93-F465FC14ECF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E66503D7-72CB-42A5-8C85-D9579EF2C0A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B373B409-0939-4707-99F1-95B121BFF7FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E80CA1DE-B920-4E28-BEFC-574148D19A0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DCDAA51-4AA3-4EC4-B441-71FB3C3304F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "D54ACD07-FAB7-4513-A707-18FAF7D565C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7260CE1F-501D-44FF-A3FA-2137CA01733B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D3DD1B-64DF-46C8-80A3-99D2E34B665F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "48702EEB-C272-46ED-9C61-6F44D6964DDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mozilla:thunderbird:2.0.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC650D89-CEEC-4A90-B3B9-5F0ADCEFCBB9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration."
    },
    {
      "lang": "es",
      "value": "El motor JavaScript en Mozilla Firefox v3.x en anteriores a v3.0.9, Thunderbird anteriores a v2.0.0.22, y SeaMonkey anteriores a v1.1.16  permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) y posiblemente iniciar una corrupci\u00f3n de memoria a trav\u00e9s de vectores relacionados con (1) js_FindPropertyHelper, relacionado con las definiciones de \"Math\" y \"Date\"; (2) js_CheckRedeclaration."
    }
  ],
  "id": "CVE-2009-1304",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-22T18:30:00.250",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34758"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34780"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34843"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/34894"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35042"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/35602"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2009/dsa-1797"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:111"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:141"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-14.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0436.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/34656"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1022090"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.454275"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2009/1125"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461158"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=475971"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5319"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5480"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6015"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7516"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9535"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/764-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34758"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35602"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2009/dsa-1797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-14.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2009-0436.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2009\u0026m=slackware-security.454275"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=475971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5319"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5480"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/764-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-1304 (GCVE-0-2009-1304)

Vulnerability from cvelistv5

Published

2009-04-22 18:00