Vulnerability Details CVE-2009-2477
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.833
EPSS Ranking 99.2%
CVSS Severity
CVSS v2 Score 9.3
References
- http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/
- http://isc.sans.org/diary.html?storyid=6796
- http://secunia.com/advisories/35798
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1
- http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html
- http://www.exploit-db.com/exploits/9137
- http://www.exploit-db.com/exploits/9181
- http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761
- http://www.kb.cert.org/vuls/id/443060
- http://www.mozilla.org/security/announce/2009/mfsa2009-41.html
- http://www.securityfocus.com/bid/35660
- http://www.vupen.com/english/advisories/2009/1868
- https://bugzilla.mozilla.org/show_bug.cgi?id=503286
- https://www.exploit-db.com/exploits/40936/
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html
- http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/
- http://isc.sans.org/diary.html?storyid=6796
- http://secunia.com/advisories/35798
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1
- http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html
- http://www.exploit-db.com/exploits/9137
- http://www.exploit-db.com/exploits/9181
- http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761
- http://www.kb.cert.org/vuls/id/443060
- http://www.mozilla.org/security/announce/2009/mfsa2009-41.html
- http://www.securityfocus.com/bid/35660
- http://www.vupen.com/english/advisories/2009/1868
- https://bugzilla.mozilla.org/show_bug.cgi?id=503286
- https://www.exploit-db.com/exploits/40936/
- https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html