CVE-2009-3373
Description
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
12.826
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update for SeaMonkey (2.35) | Windows |
| Update for SeaMonkey (2.38) | Windows |
| Update for SeaMonkey (2.39) | Windows |
| Update for SeaMonkey (2.40) | Windows |
| Update for SeaMonkey (2.46) | Windows |
| Update for SeaMonkey (2.48) | Windows |
| Update for SeaMonkey (2.49.1) | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0 | Windows |
| Vulnerability CVE-2009-0689,CVE-2009-3372,CVE-2009-3373,CVE-2009-3376 are affected in Mozilla Firefox 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.10 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.11 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.12 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.13 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.14 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.4 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.7 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.8 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.9 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.5.3 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.10 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.11 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.12 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.13 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.14 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.4 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.5 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.6 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.7 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.8 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.9 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.1 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.2 | Windows |
| Multiple Vulnerabilities are affected in Mozilla_Firefox 3.5.3 | Windows |
| Multiple vulnerabilities are fixed in Mozilla Firefox For Mac 3.0.15 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-301494 | Update for SeaMonkey (2.35) |
| PATCH-301495 | Update for SeaMonkey (2.38) |
| PATCH-301496 | Update for SeaMonkey (2.39) |
| PATCH-301497 | Update for SeaMonkey (2.40) |
| PATCH-304455 | Update for SeaMonkey (2.46) |
| PATCH-306123 | Update for SeaMonkey (2.48) |
| PATCH-306558 | Update for SeaMonkey (2.49.1) |
| PATCH-343016 | Mozilla Firefox (x64) (132.0.2) |
| PATCH-343015 | Mozilla Firefox (132.0.2) |
| PATCH-613630 | Mozilla Firefox For Mac (147.0.4) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234