VDB
CVE-2009-3978
CVE-2009-3978
PUBLISHED
CVSS 4.300000190734863 MEDIUM
The nsGIFDecoder2::GifWrite function in decoders/gif/nsGIFDecoder2.cpp in libpr0n in Mozilla Firefox before 3.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an animated GIF file with a large image size, a different vulnerability than CVE-2009-3373.
EPSS 0.68% · 71.9th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.68%
71.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mozilla | firefox | 1.5, 0, 0.1 |
| n/a | n/a | n/a |
Timeline
- Nov 19, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- http://hg.mozilla.org/releases/mozilla-1.9.1/rev/edf189567edc url
- http://www.mozilla.com/en-US/firefox/3.5.5/releasenotes/ url
- http://www.h-online.com/open/news/item/Mozilla-fixes-critical-bugs-with-Firefox-3-5-5-852070.html url
- https://wiki.mozilla.org/Releases/Firefox_3.5.5/Test_Plan url
- https://bugzilla.mozilla.org/show_bug.cgi?id=525326 url
- https://nvd.nist.gov/vuln/detail/CVE-2009-3978 advisory
- http://www.mozilla.com/en-US/firefox/3.5.5/releasenotes url