{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88007?format=json","vulnerability_id":"VCID-16d6-e24t-dfb7","summary":"Firefox integer underflow in FTP directory list parser","aliases":[{"alias":"CVE-2009-3384"}],"fixed_packages":[],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/128146?format=json","purl":"pkg:rpm/redhat/firefox@3.0.15-3?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.15-3%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128156?format=json","purl":"pkg:rpm/redhat/firefox@3.0.15-3?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/firefox@3.0.15-3%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/128158?format=json","purl":"pkg:rpm/redhat/nspr@4.7.6-1?arch=el4_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.7.6-1%3Farch=el4_8"},{"url":"http://public2.vulnerablecode.io/api/packages/128151?format=json","purl":"pkg:rpm/redhat/nspr@4.7.6-1?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nspr@4.7.6-1%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128152?format=json","purl":"pkg:rpm/redhat/seamonkey@1.0.9-0.47?arch=el3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-d5ha-6epq-afd4"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-0.47%3Farch=el3"},{"url":"http://public2.vulnerablecode.io/api/packages/128154?format=json","purl":"pkg:rpm/redhat/seamonkey@1.0.9-50?arch=el4_8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-d5ha-6epq-afd4"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/seamonkey@1.0.9-50%3Farch=el4_8"},{"url":"http://public2.vulnerablecode.io/api/packages/127945?format=json","purl":"pkg:rpm/redhat/thunderbird@1.5.0.12-25?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-1n9c-e6em-kbb6"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-3bf4-ms9e-x3dq"},{"vulnerability":"VCID-53kn-ev4f-dufh"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-85v1-yb4g-bqa4"},{"vulnerability":"VCID-89ja-f5vc-83d3"},{"vulnerability":"VCID-8kzv-qk9n-9ydf"},{"vulnerability":"VCID-9jkh-xn2d-3bdx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-cwsk-1qr2-1fed"},{"vulnerability":"VCID-jwsm-57gb-jkb4"},{"vulnerability":"VCID-sapd-n7mr-eudc"},{"vulnerability":"VCID-usb1-ure3-77ft"},{"vulnerability":"VCID-v7mb-nqbm-93bs"},{"vulnerability":"VCID-wqza-9p8v-4kek"},{"vulnerability":"VCID-y1cq-jzte-p3hq"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@1.5.0.12-25%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/127943?format=json","purl":"pkg:rpm/redhat/thunderbird@2.0.0.24-2?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-1n9c-e6em-kbb6"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-3bf4-ms9e-x3dq"},{"vulnerability":"VCID-53kn-ev4f-dufh"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-85v1-yb4g-bqa4"},{"vulnerability":"VCID-89ja-f5vc-83d3"},{"vulnerability":"VCID-8kzv-qk9n-9ydf"},{"vulnerability":"VCID-9jkh-xn2d-3bdx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-cwsk-1qr2-1fed"},{"vulnerability":"VCID-jwsm-57gb-jkb4"},{"vulnerability":"VCID-sapd-n7mr-eudc"},{"vulnerability":"VCID-usb1-ure3-77ft"},{"vulnerability":"VCID-v7mb-nqbm-93bs"},{"vulnerability":"VCID-wqza-9p8v-4kek"},{"vulnerability":"VCID-y1cq-jzte-p3hq"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/thunderbird@2.0.0.24-2%3Farch=el5_4"},{"url":"http://public2.vulnerablecode.io/api/packages/128148?format=json","purl":"pkg:rpm/redhat/xulrunner@1.9.0.15-3?arch=el5_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16d6-e24t-dfb7"},{"vulnerability":"VCID-2jhf-j64s-gygy"},{"vulnerability":"VCID-4vaj-81k4-n3a6"},{"vulnerability":"VCID-58z4-jhs8-kyay"},{"vulnerability":"VCID-5bdt-dd2k-c7gq"},{"vulnerability":"VCID-aw3w-yap1-u7cx"},{"vulnerability":"VCID-b76x-3z8j-4fa9"},{"vulnerability":"VCID-h68j-ht6w-jqbm"},{"vulnerability":"VCID-nx8g-hhbk-yyep"},{"vulnerability":"VCID-qqg4-kz4u-hbh8"},{"vulnerability":"VCID-sua6-rkjm-qyge"},{"vulnerability":"VCID-yn4z-ymst-1bew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xulrunner@1.9.0.15-3%3Farch=el5_4"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3384.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3384","reference_id":"","reference_type":"","scores":[{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7934","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79347","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79382","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79414","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79399","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79387","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79419","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79417","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7942","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79453","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79458","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79489","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7951","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79528","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79525","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79541","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.79577","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3384"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=530164","reference_id":"530164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=530164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1530","reference_id":"RHSA-2009:1530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1531","reference_id":"RHSA-2009:1531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0153","reference_id":"RHSA-2010:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0154","reference_id":"RHSA-2010:0154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0154"}],"weaknesses":[{"cwe_id":190,"name":"Integer Overflow or Wraparound","description":"The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control."}],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-16d6-e24t-dfb7"}