Search for vulnerabilities
Vulnerability details: VCID-6xh3-hmne-aaab
Vulnerability ID VCID-6xh3-hmne-aaab
Aliases CVE-2009-2044
Summary Mozilla Firefox 3.0.10 and earlier on Linux allows remote attackers to cause a denial of service (application crash) via a URI for a large GIF image in the BACKGROUND attribute of a BODY element.
Status Published
Exploitability 2.0
Weighted Severity 3.9
Risk 7.8
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-20 Improper Input Validation
System Score Found at
epss 0.00561 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.00561 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.00561 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.00561 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.01315 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.05046 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
epss 0.06701 https://api.first.org/data/v1/epss?cve=CVE-2009-2044
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2009-2044
Reference id Reference type URL
http://e-rdc.org/v1/news.php?readmore=137
https://api.first.org/data/v1/epss?cve=CVE-2009-2044
https://bugzilla.mozilla.org/show_bug.cgi?id=496265
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2044
https://exchange.xforce.ibmcloud.com/vulnerabilities/51037
http://www.securityfocus.com/archive/1/504214
http://www.securityfocus.com/bid/35280
CVE-2009-2044 https://nvd.nist.gov/vuln/detail/CVE-2009-2044
CVE-2009-2044;OSVDB-56471 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33031.html
CVE-2009-2044;OSVDB-56471 Exploit https://www.securityfocus.com/bid/35280/info
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
Data source Exploit-DB
Date added May 10, 2009
Description Mozilla Firefox 3.0.x - Large '.GIF' File Background Denial of Service
Ransomware campaign use Known
Source publication date May 10, 2009
Exploit type dos
Platform linux
Source update date April 26, 2014
Source URL https://www.securityfocus.com/bid/35280/info
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2009-2044
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.77530
EPSS Score 0.00561
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.