Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-2477

Опубликовано: 15 июл. 2009
Источник: ubuntu
Приоритет: medium
EPSS Высокий
CVSS2: 9.3

Описание

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

РелизСтатусПримечание
dapper

DNE

devel

released

3.5.1+build1+nobinonly-0ubuntu1
hardy

DNE

intrepid

DNE

jaunty

released

3.5.1+build1+nobinonly-0ubuntu0.9.04.1
upstream

released

3.5.1

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.1.1+build1+nobinonly-0ubuntu1
hardy

DNE

intrepid

DNE

jaunty

released

1.9.1.1+build1+nobinonly-0ubuntu0.9.04.1
upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 99%
0.83034
Высокий

9.3 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-2477

redhat
больше 16 лет назад

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

nvd логотип

CVE-2009-2477

nvd
больше 16 лет назад

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

debian логотип

CVE-2009-2477

debian
больше 16 лет назад

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka ...

github логотип

GHSA-p5fj-7pgr-xv7v

github
почти 4 года назад

js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.

EPSS

Процентиль: 99%
0.83034
Высокий

9.3 Critical

CVSS2