Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2009-0352

Disclosure Date: February 04, 2009
CVE-2009-0352
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and destruction of arbitrary layout objects by the nsViewManager::Composite function.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • mozilla

Products

  • firefox 3.0,
  • firefox 3.0.1,
  • firefox 3.0.2,
  • firefox 3.0.3,
  • firefox 3.0.4,
  • firefox 3.0.5,
  • seamonkey,
  • seamonkey 1.0,
  • seamonkey 1.0.1,
  • seamonkey 1.0.2,
  • seamonkey 1.0.3,
  • seamonkey 1.0.5,
  • seamonkey 1.0.6,
  • seamonkey 1.0.7,
  • seamonkey 1.0.8,
  • seamonkey 1.0.9,
  • seamonkey 1.1,
  • seamonkey 1.1.1,
  • seamonkey 1.1.10,
  • seamonkey 1.1.11,
  • seamonkey 1.1.12,
  • seamonkey 1.1.2,
  • seamonkey 1.1.3,
  • seamonkey 1.1.4,
  • seamonkey 1.1.5,
  • seamonkey 1.1.6,
  • seamonkey 1.1.7,
  • seamonkey 1.1.8,
  • seamonkey 1.1.9,
  • thunderbird,
  • thunderbird 1.0,
  • thunderbird 1.0.1,
  • thunderbird 1.0.2,
  • thunderbird 1.0.3,
  • thunderbird 1.0.4,
  • thunderbird 1.0.5,
  • thunderbird 1.0.6,
  • thunderbird 1.0.7,
  • thunderbird 1.0.8,
  • thunderbird 1.5,
  • thunderbird 1.5.0.1,
  • thunderbird 1.5.0.10,
  • thunderbird 1.5.0.11,
  • thunderbird 1.5.0.12,
  • thunderbird 1.5.0.13,
  • thunderbird 1.5.0.14,
  • thunderbird 1.5.0.2,
  • thunderbird 1.5.0.3,
  • thunderbird 1.5.0.4,
  • thunderbird 1.5.0.5,
  • thunderbird 1.5.0.6,
  • thunderbird 1.5.0.7,
  • thunderbird 1.5.0.8,
  • thunderbird 1.5.0.9,
  • thunderbird 1.5.1,
  • thunderbird 1.5.2,
  • thunderbird 2.0.0.0,
  • thunderbird 2.0.0.12,
  • thunderbird 2.0.0.14,
  • thunderbird 2.0.0.16,
  • thunderbird 2.0.0.17,
  • thunderbird 2.0.0.18,
  • thunderbird 2.0.0.4,
  • thunderbird 2.0.0.5,
  • thunderbird 2.0.0.6,
  • thunderbird 2.0.0.9

References

Canonical
CVE-2009-0352 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0352)
BID-33598 (http://www.securityfocus.com/bid/33598)
Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
SECUNIA-33808 (http://secunia.com/advisories/33808)
ADV-2009-0313 (http://www.vupen.com/english/advisories/2009/0313)
DSA-1830 (http://www.debian.org/security/2009/dsa-1830)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
https://bugzilla.mozilla.org/show_bug.cgi?id=431705
FEDORA-2009-3101 (https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html)
SECUNIA-33809 (http://secunia.com/advisories/33809)
http://www.mandriva.com/security/advisories?name=MDVSA-2009:044
http://rhn.redhat.com/errata/RHSA-2009-0256.html
http://www.mozilla.org/security/announce/2009/mfsa2009-01.html
https://bugzilla.mozilla.org/show_bug.cgi?id=437142
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699
https://bugzilla.mozilla.org/show_bug.cgi?id=416461
http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm
https://bugzilla.mozilla.org/show_bug.cgi?id=422283
https://bugzilla.mozilla.org/show_bug.cgi?id=421839
SECUNIA-33831 (http://secunia.com/advisories/33831)
http://www.redhat.com/support/errata/RHSA-2009-0258.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
SECTRACK-1021663 (http://www.securitytracker.com/id?1021663)
SECUNIA-34464 (http://secunia.com/advisories/34464)
SECUNIA-34417 (http://secunia.com/advisories/34417)
https://bugzilla.mozilla.org/show_bug.cgi?id=331088
SECUNIA-33841 (http://secunia.com/advisories/33841)
SECUNIA-34527 (http://secunia.com/advisories/34527)
SECUNIA-33816 (http://secunia.com/advisories/33816)
SECUNIA-33846 (http://secunia.com/advisories/33846)
SECUNIA-33799 (http://secunia.com/advisories/33799)
https://bugzilla.mozilla.org/show_bug.cgi?id=401042
https://bugzilla.mozilla.org/show_bug.cgi?id=422301
FEDORA-2009-2882 (https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html)
http://www.redhat.com/support/errata/RHSA-2009-0257.html
FEDORA-2009-2884 (https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html)
SECUNIA-34462 (http://secunia.com/advisories/34462)
https://bugzilla.mozilla.org/show_bug.cgi?id=420697
USN-741-1 (https://usn.ubuntu.com/741-1)
FEDORA-2009-1399 (https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html)
SECUNIA-33802 (http://secunia.com/advisories/33802)
SECUNIA-34324 (http://secunia.com/advisories/34324)
SECUNIA-33869 (http://secunia.com/advisories/33869)
USN-717-1 (http://www.ubuntu.com/usn/usn-717-1)
https://bugzilla.mozilla.org/show_bug.cgi?id=449006
https://bugzilla.mozilla.org/show_bug.cgi?id=461027
SECUNIA-34387 (http://secunia.com/advisories/34387)
Miscellaneous
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
https://usn.ubuntu.com/741-1/

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis