Vulnerabilities > CVE-2009-2975 - Unspecified vulnerability in Mozilla Firefox 3.5.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cause a denial of service (memory consumption) via vectors involving a series of function calls that set this property, as demonstrated by (1) the chromehtml: protocol and (2) the aim: protocol.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Application | 1 |
References
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0234.html
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0234.html
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0236.html
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0236.html
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0246.html
- http://archives.neohapsis.com/archives/bugtraq/2009-08/0246.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52923
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52923