{"url":"http://public2.vulnerablecode.io/api/packages/128154?format=json","purl":"pkg:rpm/redhat/seamonkey@1.0.9-50?arch=el4_8","type":"rpm","namespace":"redhat","name":"seamonkey","version":"1.0.9-50","qualifiers":{"arch":"el4_8"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88007?format=json","vulnerability_id":"VCID-16d6-e24t-dfb7","summary":"Firefox integer underflow in FTP directory list parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3384.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3384","reference_id":"","reference_type":"","scores":[{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7934","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79347","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79382","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79414","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79399","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79387","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79419","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79453","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79458","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79489","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3384"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530164","reference_id":"530164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"}],"fixed_packages":[],"aliases":["CVE-2009-3384"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-16d6-e24t-dfb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63614?format=json","vulnerability_id":"VCID-2jhf-j64s-gygy","summary":"Security researcher Alin Rad Pop of Secunia\nResearch reported a heap-based buffer overflow in Mozilla's string to\nfloating point number conversion routines.  Using this vulnerability\nan attacker could craft some malicious JavaScript code containing a\nvery long string to be converted to a floating point number which\nwould result in improper memory allocation and the execution of an\narbitrary memory location.  This vulnerability could thus be leveraged\nby the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used\nby Mozilla appears to be essentially the same as that reported against the\nlibc gdtoa routine by Maksymilian Arciemowicz.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0689.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689","reference_id":"","reference_type":"","scores":[{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97402","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97408","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-21T12:55:00Z"},{"value":"0.4176","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0689"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784","reference_id":"539784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=539784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689","reference_id":"CVE-2009-0689","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt","reference_id":"CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10185.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10187.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/33363.txt"},{"reference_url":"https://www.securityfocus.com/bid/37078/info","reference_id":"CVE-2009-0689;OSVDB-61186","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37078/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10184.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/33364.txt"},{"reference_url":"https://www.securityfocus.com/bid/37080/info","reference_id":"CVE-2009-0689;OSVDB-61187","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37080/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33312.txt"},{"reference_url":"https://www.securityfocus.com/bid/36851/info","reference_id":"CVE-2009-0689;OSVDB-61189","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/36851/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt","reference_id":"CVE-2009-0689;OSVDB-62402","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/dos/10186.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/33058.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/osx/dos/33479.c"},{"reference_url":"https://www.securityfocus.com/bid/35510/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35510/info"},{"reference_url":"https://www.securityfocus.com/bid/37687/info","reference_id":"CVE-2009-0689;OSVDB-63639","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37687/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33480.txt"},{"reference_url":"https://www.securityfocus.com/bid/37688/info","reference_id":"CVE-2009-0689;OSVDB-63641","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/37688/info"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59","reference_id":"mfsa2009-59","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-59"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl","reference_id":"OSVDB-61189;CVE-2009-0689","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/10380.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1601","reference_id":"RHSA-2009:1601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0311","reference_id":"RHSA-2014:0311","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0311"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0312","reference_id":"RHSA-2014:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0312"},{"reference_url":"https://usn.ubuntu.com/871-1/","reference_id":"USN-871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/871-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[],"aliases":["CVE-2009-0689"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2jhf-j64s-gygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53005?format=json","vulnerability_id":"VCID-5bdt-dd2k-c7gq","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3376.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3376.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3376","reference_id":"","reference_type":"","scores":[{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86685","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.8661","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.8662","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86634","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86632","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86638","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86644","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86655","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03024","scoring_system":"epss","scoring_elements":"0.86663","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3376"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530168","reference_id":"530168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376","reference_id":"CVE-2009-3376","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62","reference_id":"mfsa2009-62","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-62"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"},{"reference_url":"https://usn.ubuntu.com/915-1/","reference_id":"USN-915-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/915-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3376"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bdt-dd2k-c7gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53002?format=json","vulnerability_id":"VCID-aw3w-yap1-u7cx","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3375.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3375.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3375","reference_id":"","reference_type":"","scores":[{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64225","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64102","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64158","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64186","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64196","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64226","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64215","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64221","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64233","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64242","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00462","scoring_system":"epss","scoring_elements":"0.64254","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3375"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530167","reference_id":"530167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375","reference_id":"CVE-2009-3375","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-61","reference_id":"mfsa2009-61","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-61"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3375"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aw3w-yap1-u7cx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52991?format=json","vulnerability_id":"VCID-b76x-3z8j-4fa9","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3274.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3274","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33501","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33873","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34106","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34149","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34178","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34111","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34148","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.341","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33727","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33619","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=524815","reference_id":"524815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=524815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274","reference_id":"CVE-2009-3274","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-53","reference_id":"mfsa2009-53","reference_type":"","scores":[{"value":"low","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-53"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3274"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b76x-3z8j-4fa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63570?format=json","vulnerability_id":"VCID-d5ha-6epq-afd4","summary":"Security researcher Georgi Guninski\nreported that scriptable plugin content, such as Flash objects, could\nbe loaded and executed in SeaMonkey mail messages by embedding the\ncontent in an iframe inside the message.  If a user were to reply to\nor forward such a message, malicious JavaScript embedded in the plugin\ncontent could potentially steal the contents of the message or files\nfrom the local filesystem.Thunderbird was not affected by this issue.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3385.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3385","reference_id":"","reference_type":"","scores":[{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80435","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.8029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.8031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80298","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80326","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80337","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.8034","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80334","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80363","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80365","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.8037","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80396","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.80403","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01388","scoring_system":"epss","scoring_elements":"0.8042","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3385"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530159","reference_id":"530159","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3385","reference_id":"CVE-2009-3385","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3385"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-06","reference_id":"mfsa2010-06","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2010-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"}],"fixed_packages":[],"aliases":["CVE-2009-3385"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5ha-6epq-afd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52554?format=json","vulnerability_id":"VCID-qqg4-kz4u-hbh8","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1563.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1563.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530162","reference_id":"530162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530162"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1563"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqg4-kz4u-hbh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53019?format=json","vulnerability_id":"VCID-yn4z-ymst-1bew","summary":"Multiple vulnerabilities have been found in Mozilla Firefox,\n    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may\n    allow execution of arbitrary code or local privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3380.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3380.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3380","reference_id":"","reference_type":"","scores":[{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87893","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87817","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.8782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87842","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87849","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.8786","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87853","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87865","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87878","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87884","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0364","scoring_system":"epss","scoring_elements":"0.87882","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3380"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530567","reference_id":"530567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380","reference_id":"CVE-2009-3380","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380"},{"reference_url":"https://security.gentoo.org/glsa/201301-01","reference_id":"GLSA-201301-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201301-01"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-64","reference_id":"mfsa2009-64","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-64"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"},{"reference_url":"https://usn.ubuntu.com/853-1/","reference_id":"USN-853-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/853-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3380"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yn4z-ymst-1bew"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-50%3Farch=el4_8"}