{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2630?format=json","vulnerability_id":"VCID-j8zw-dg26-hfbe","summary":"Mozilla upgraded several third party libraries used in media\nrendering to address multiple memory safety and stability bugs\nidentified by members of the Mozilla community.  Some of the bugs\ndiscovered could potentially be used by an attacker to crash a\nvictim's browser and execute arbitrary code on their\ncomputer.  liboggz, libvorbis,\nand liboggplay were all upgraded to address these\nissues.Audio and video capabilities were added in Firefox 3.5\nso prior releases of Firefox were not affected.","aliases":[{"alias":"CVE-2009-3379"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4640?format=json","purl":"pkg:deb/debian/libvorbis@1.3.1-1%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.1-1%252Bsqueeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/4780?format=json","purl":"pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dn6k-uzwy-8fbj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.2"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4635?format=json","purl":"pkg:deb/debian/libvorbis@1.0rc3-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.0rc3-1"},{"url":"http://public2.vulnerablecode.io/api/packages/4636?format=json","purl":"pkg:deb/debian/libvorbis@1.1.0-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/4637?format=json","purl":"pkg:deb/debian/libvorbis@1.1.2.dfsg-1.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.2.dfsg-1.2"},{"url":"http://public2.vulnerablecode.io/api/packages/4638?format=json","purl":"pkg:deb/debian/libvorbis@1.1.2.dfsg-1.4%2Betch1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.1.2.dfsg-1.4%252Betch1"},{"url":"http://public2.vulnerablecode.io/api/packages/4639?format=json","purl":"pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%2Blenny1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1ntd-28nj-cuex"},{"vulnerability":"VCID-6dfq-gbf6-7fc7"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-kad4-b6ez-y3dx"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"},{"vulnerability":"VCID-yw14-7xmq-g3e6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%252Blenny1"},{"url":"http://public2.vulnerablecode.io/api/packages/4778?format=json","purl":"pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn14261-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dn6k-uzwy-8fbj"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-k4pn-yxd9-h3ad"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn14261-1"},{"url":"http://public2.vulnerablecode.io/api/packages/4779?format=json","purl":"pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn16259-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dn6k-uzwy-8fbj"},{"vulnerability":"VCID-j8zw-dg26-hfbe"},{"vulnerability":"VCID-nbbh-ws5y-3uh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn16259-2"}],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379","reference_id":"CVE-2009-3379","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63","reference_id":"mfsa2009-63","reference_type":"","scores":[{"value":"critical","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2009-63"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.0 - 10.0","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j8zw-dg26-hfbe"}