Denial of Service : Mozilla Firefox Multiple Denial Of Service Vulnerabilities (Sep 2009)

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.900844
Category:	Denial of Service
Title:	Mozilla Firefox Multiple Denial Of Service Vulnerabilities (Sep 2009) - Windows
Summary:	Firefox browser is prone to multiple Denial of Service vulnerabilities.
Description:	Summary: Firefox browser is prone to multiple Denial of Service vulnerabilities. Vulnerability Insight: - Multiple errors in the browser and JavaScript engines can be exploited to corrupt memory. - The warning dialog displayed when adding or removing security modules via 'pkcs11.addmodule' or 'pkcs11.deletemodule' does not contain enough information. This can be exploited to potentially trick a user into installing a malicious PKCS11 module. Vulnerability Impact: A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable application to crash. Affected Software/OS: Mozilla Firefox version prior to 3.0.14 on Windows. Solution: Upgrade to Firefox version 3.0.14 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3070 36343 http://www.securityfocus.com/bid/36343 36670 http://secunia.com/advisories/36670 36671 http://secunia.com/advisories/36671 36692 http://secunia.com/advisories/36692 37098 http://secunia.com/advisories/37098 DSA-1885 http://www.debian.org/security/2009/dsa-1885 RHSA-2009:1430 http://www.redhat.com/support/errata/RHSA-2009-1430.html SUSE-SA:2009:048 http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.mozilla.org/security/announce/2009/mfsa2009-47.html https://bugzilla.mozilla.org/show_bug.cgi?id=430569 https://bugzilla.mozilla.org/show_bug.cgi?id=437565 https://bugzilla.mozilla.org/show_bug.cgi?id=465651 oval:org.mitre.oval:def:11702 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11702 oval:org.mitre.oval:def:6073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6073 Common Vulnerability Exposure (CVE) ID: CVE-2009-3074 firefox-javascript-code-exec(53157) https://exchange.xforce.ibmcloud.com/vulnerabilities/53157 https://bugzilla.mozilla.org/show_bug.cgi?id=467493 oval:org.mitre.oval:def:6053 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6053 oval:org.mitre.oval:def:9444 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9444 Common Vulnerability Exposure (CVE) ID: CVE-2009-3076 1022877 http://www.securitytracker.com/id?1022877 36669 http://secunia.com/advisories/36669 ADV-2010-0650 http://www.vupen.com/english/advisories/2010/0650 RHSA-2009:1431 http://www.redhat.com/support/errata/RHSA-2009-1431.html RHSA-2009:1432 http://www.redhat.com/support/errata/RHSA-2009-1432.html RHSA-2010:0153 http://www.redhat.com/support/errata/RHSA-2010-0153.html RHSA-2010:0154 http://www.redhat.com/support/errata/RHSA-2010-0154.html http://www.mozilla.org/security/announce/2009/mfsa2009-48.html https://bugzilla.mozilla.org/show_bug.cgi?id=326628 https://bugzilla.mozilla.org/show_bug.cgi?id=509413 oval:org.mitre.oval:def:6140 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6140 oval:org.mitre.oval:def:9306 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9306
Copyright	Copyright (C) 2009 Greenbone AG