Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-ah3s-3djr-3bba
Vulnerability ID VCID-ah3s-3djr-3bba
Aliases CVE-2009-1304
Summary Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
epss 0.06664 https://api.first.org/data/v1/epss?cve=CVE-2009-1304
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2009-14
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1304.json
https://api.first.org/data/v1/epss?cve=CVE-2009-1304
496255 https://bugzilla.redhat.com/show_bug.cgi?id=496255
CVE-2009-1304 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1304
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2009-14 https://www.mozilla.org/en-US/security/advisories/mfsa2009-14
RHSA-2009:0436 https://access.redhat.com/errata/RHSA-2009:0436
USN-764-1 https://usn.ubuntu.com/764-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.91169
EPSS Score 0.06664
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:05:43.798920+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201301-01 38.0.0