CVE-2009-1169

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-1169
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://blogs.zdnet.com/security/?p=3013
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html Patch
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html Patch
http://secunia.com/advisories/34471 Vendor Advisory
http://secunia.com/advisories/34486 Vendor Advisory
http://secunia.com/advisories/34505 Vendor Advisory
http://secunia.com/advisories/34510 Vendor Advisory
http://secunia.com/advisories/34511 Vendor Advisory
http://secunia.com/advisories/34521 Vendor Advisory
http://secunia.com/advisories/34527 Vendor Advisory
http://secunia.com/advisories/34549 Vendor Advisory
http://secunia.com/advisories/34550 Vendor Advisory
http://secunia.com/advisories/34792 Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-113.htm
http://www.debian.org/security/2009/dsa-1756
http://www.mandriva.com/security/advisories?name=MDVSA-2009:084
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-0397.html
http://www.redhat.com/support/errata/RHSA-2009-0398.html
http://www.securityfocus.com/bid/34235 Exploit Patch
http://www.securitytracker.com/id?1021939
http://www.ubuntu.com/usn/usn-745-1
http://www.vupen.com/english/advisories/2009/0853 Patch Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=460090
https://bugzilla.mozilla.org/show_bug.cgi?id=485217 Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=485286 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/49439
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11372
https://www.exploit-db.com/exploits/8285
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01023.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01040.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
http://blogs.zdnet.com/security/?p=3013
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html Patch
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html Patch
http://secunia.com/advisories/34471 Vendor Advisory
http://secunia.com/advisories/34486 Vendor Advisory
http://secunia.com/advisories/34505 Vendor Advisory
http://secunia.com/advisories/34510 Vendor Advisory
http://secunia.com/advisories/34511 Vendor Advisory
http://secunia.com/advisories/34521 Vendor Advisory
http://secunia.com/advisories/34527 Vendor Advisory
http://secunia.com/advisories/34549 Vendor Advisory
http://secunia.com/advisories/34550 Vendor Advisory
http://secunia.com/advisories/34792 Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-113.htm
http://www.debian.org/security/2009/dsa-1756
http://www.mandriva.com/security/advisories?name=MDVSA-2009:084
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-0397.html
http://www.redhat.com/support/errata/RHSA-2009-0398.html
http://www.securityfocus.com/bid/34235 Exploit Patch
http://www.securitytracker.com/id?1021939
http://www.ubuntu.com/usn/usn-745-1
http://www.vupen.com/english/advisories/2009/0853 Patch Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=460090
https://bugzilla.mozilla.org/show_bug.cgi?id=485217 Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=485286 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/49439
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11372
https://www.exploit-db.com/exploits/8285
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01023.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01040.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:3.0beta5:*:*:*:*:*:*:*
History

21 Nov 2024, 01:01

Type Values Removed Values Added
References () http://blogs.zdnet.com/security/?p=3013 - () http://blogs.zdnet.com/security/?p=3013 -
References () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html - Patch () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html - Patch
References () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html - Patch () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html - Patch
References () http://secunia.com/advisories/34471 - Vendor Advisory () http://secunia.com/advisories/34471 - Vendor Advisory
References () http://secunia.com/advisories/34486 - Vendor Advisory () http://secunia.com/advisories/34486 - Vendor Advisory
References () http://secunia.com/advisories/34505 - Vendor Advisory () http://secunia.com/advisories/34505 - Vendor Advisory
References () http://secunia.com/advisories/34510 - Vendor Advisory () http://secunia.com/advisories/34510 - Vendor Advisory
References () http://secunia.com/advisories/34511 - Vendor Advisory () http://secunia.com/advisories/34511 - Vendor Advisory
References () http://secunia.com/advisories/34521 - Vendor Advisory () http://secunia.com/advisories/34521 - Vendor Advisory
References () http://secunia.com/advisories/34527 - Vendor Advisory () http://secunia.com/advisories/34527 - Vendor Advisory
References () http://secunia.com/advisories/34549 - Vendor Advisory () http://secunia.com/advisories/34549 - Vendor Advisory
References () http://secunia.com/advisories/34550 - Vendor Advisory () http://secunia.com/advisories/34550 - Vendor Advisory
References () http://secunia.com/advisories/34792 - Vendor Advisory () http://secunia.com/advisories/34792 - Vendor Advisory
References () http://support.avaya.com/elmodocs2/security/ASA-2009-113.htm - () http://support.avaya.com/elmodocs2/security/ASA-2009-113.htm -
References () http://www.debian.org/security/2009/dsa-1756 - () http://www.debian.org/security/2009/dsa-1756 -
References () http://www.mandriva.com/security/advisories?name=MDVSA-2009:084 - () http://www.mandriva.com/security/advisories?name=MDVSA-2009:084 -
References () http://www.mozilla.org/security/announce/2009/mfsa2009-12.html - Patch, Vendor Advisory () http://www.mozilla.org/security/announce/2009/mfsa2009-12.html - Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2009-0397.html - () http://www.redhat.com/support/errata/RHSA-2009-0397.html -
References () http://www.redhat.com/support/errata/RHSA-2009-0398.html - () http://www.redhat.com/support/errata/RHSA-2009-0398.html -
References () http://www.securityfocus.com/bid/34235 - Exploit, Patch () http://www.securityfocus.com/bid/34235 - Exploit, Patch
References () http://www.securitytracker.com/id?1021939 - () http://www.securitytracker.com/id?1021939 -
References () http://www.ubuntu.com/usn/usn-745-1 - () http://www.ubuntu.com/usn/usn-745-1 -
References () http://www.vupen.com/english/advisories/2009/0853 - Patch, Vendor Advisory () http://www.vupen.com/english/advisories/2009/0853 - Patch, Vendor Advisory
References () https://bugzilla.mozilla.org/show_bug.cgi?id=460090 - () https://bugzilla.mozilla.org/show_bug.cgi?id=460090 -
References () https://bugzilla.mozilla.org/show_bug.cgi?id=485217 - Patch () https://bugzilla.mozilla.org/show_bug.cgi?id=485217 - Patch
References () https://bugzilla.mozilla.org/show_bug.cgi?id=485286 - Patch () https://bugzilla.mozilla.org/show_bug.cgi?id=485286 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/49439 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/49439 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11372 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11372 -
References () https://www.exploit-db.com/exploits/8285 - () https://www.exploit-db.com/exploits/8285 -
References () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01023.html - () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01023.html -
References () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01040.html - () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01040.html -
References () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html - () https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html -
Information

Published : 2009-03-27 00:30

Updated : 2024-11-21 01:01

NVD link : CVE-2009-1169

Mitre link : CVE-2009-1169

CVE.ORG link : CVE-2009-1169

JSON object : View

Products Affected

mozilla

  • firefox
CWE
CWE-399

Resource Management Errors


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024