Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-d1d9-6j5m-jqbj

Summary

Jakob Balle and Carsten Eiram of
Secunia Research reported a race condition
in NPObjWrapper_NewResolve when accessing the properties
of a NPObject, a wrapped JSObject.  Balle
and Eiram demonstrated that this condition could be reached by
navigating away from a web page during the loading of a Java applet.
Under such conditions the Java object would be destroyed but later
called into resulting in a free memory read. It might be possible
for an attacker to write to the freed memory before it is reused and run
arbitrary code on the victim's computer.This vulnerability does not affect Firefox 2 nor other
products built using the "Gecko 1.8" version of Mozilla code.

Aliases

alias	CVE-2009-1837

Fixed_packages

url	pkg:mozilla/Firefox@3.0.11
purl	pkg:mozilla/Firefox@3.0.11
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.0.11

Affected_packages

References

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837
reference_id	CVE-2009-1837
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1837

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-28

reference_id

mfsa2009-28

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-28

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1d9-6j5m-jqbj

Vulnerability Instance