CVE-2009-2664 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-2664 PUBLISHED CVSS 5 MEDIUM

The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13.

EPSS 3.01% · 86.5th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

3.01%

86.5th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
mozilla	firefox	0, 0.1, 0.2

Timeline

Aug 4, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

ADV-2009-2142 vdb
http://www.mozilla.org/security/announce/2009/mfsa2009-45.html url
266148 vendor-advisory
FEDORA-2009-8288 vendor-advisory
36126 third-party-advisory
FEDORA-2009-8279 vendor-advisory
35927 vdb
oval:org.mitre.oval:def:9806 vdb
https://bugzilla.mozilla.org/show_bug.cgi?id=501270 url
https://nvd.nist.gov/vuln/detail/CVE-2009-2664 advisory

Open in Interactive Console →