{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2629?format=json","vulnerability_id":"VCID-kg61-mkup-83e9","summary":"Mozilla upgraded several third party libraries used in media\nrendering to address multiple memory safety and stability bugs\nidentified by members of the Mozilla community.  Some of the bugs\ndiscovered could potentially be used by an attacker to crash a\nvictim's browser and execute arbitrary code on their\ncomputer.  liboggz, libvorbis,\nand liboggplay were all upgraded to address these\nissues.Audio and video capabilities were added in Firefox 3.5\nso prior releases of Firefox were not affected.","aliases":[{"alias":"CVE-2009-3377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6223?format=json","purl":"pkg:deb/debian/liboggz@1.1.1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/liboggz@1.1.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1114?format=json","purl":"pkg:mozilla/Firefox@3.5.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@3.5.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6220?format=json","purl":"pkg:deb/debian/liboggz@0.9.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kg61-mkup-83e9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/liboggz@0.9.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/6221?format=json","purl":"pkg:deb/debian/liboggz@0.9.5-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kg61-mkup-83e9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/liboggz@0.9.5-4"},{"url":"http://public2.vulnerablecode.io/api/packages/6222?format=json","purl":"pkg:deb/debian/liboggz@0.9.8-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kg61-mkup-83e9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/liboggz@0.9.8-1"}],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377","reference_id":"CVE-2009-3377","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3377"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63","reference_id":"mfsa2009-63","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kg61-mkup-83e9"}