Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:05
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.exploit-db.com/exploits/9160 - | |
References | () http://www.g-sec.lu/one-bug-to-rule-them-all.html - | |
References | () http://www.securityfocus.com/archive/1/504969/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/504988/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/504989/100/0/threaded - | |
References | () http://www.securityfocus.com/archive/1/505006/100/0/threaded - | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=460713 - |
Information
Published : 2009-07-20 18:30
Updated : 2024-11-21 01:05
NVD link : CVE-2009-2535
Mitre link : CVE-2009-2535
CVE.ORG link : CVE-2009-2535
JSON object : View
Products Affected
mozilla
- thunderbird
- firefox
- seamonkey
CWE
CWE-189
Numeric Errors