Vulnerabilities > CVE-2009-1827 - Resource Management Errors vulnerability in Mozilla Firefox 3.0.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause a denial of service (application hang) via a large value in the r (aka Radius) attribute of a circle element, related to an "unclamped loop."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Mozilla Firefox (unclamped loop) Denial of Service Exploit. CVE-2009-1827. Dos exploits for multiple platform |
| file | exploits/multiple/dos/8794.html |
| id | EDB-ID:8794 |
| last seen | 2016-02-01 |
| modified | 2009-05-26 |
| platform | multiple |
| port | |
| published | 2009-05-26 |
| reporter | Thierry Zoller |
| source | https://www.exploit-db.com/download/8794/ |
| title | Mozilla Firefox unclamped loop Denial of Service Exploit |
| type | dos |
References
- http://archives.neohapsis.com/archives/bugtraq/2009-05/0270.html
- http://archives.neohapsis.com/archives/bugtraq/2009-05/0271.html
- http://archives.neohapsis.com/archives/bugtraq/2009-05/0272.html
- http://blog.zoller.lu/2009/04/advisory-firefox-dos-condition.html
- http://www.securityfocus.com/archive/1/503825/100/0/threaded
- https://bugzilla.mozilla.org/show_bug.cgi?id=393832
- https://bugzilla.mozilla.org/show_bug.cgi?id=465615
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50721
- https://www.exploit-db.com/exploits/8794