VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07151	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.07447	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
epss	0.08324	https://api.first.org/data/v1/epss?cve=CVE-2009-0071
cvssv2	2.6	https://nvd.nist.gov/vuln/detail/CVE-2009-0071

System

Score

Found at

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07151

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.07447

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

epss

0.08324

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

cvssv2

2.6

https://nvd.nist.gov/vuln/detail/CVE-2009-0071

Reference id	Reference type	URL
		http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0220.html
		http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0223.html
		http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0224.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0071.json
		https://api.first.org/data/v1/epss?cve=CVE-2009-0071
		https://bugzilla.mozilla.org/show_bug.cgi?id=448329
		https://bugzilla.mozilla.org/show_bug.cgi?id=456727
		https://bugzilla.mozilla.org/show_bug.cgi?id=472507
		https://www.exploit-db.com/exploits/8091
		https://www.exploit-db.com/exploits/8219
		http://www.securityfocus.com/bid/33154
cpe:2.3:a:mozilla:firefox:3.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:::::::*
cpe:2.3:a:mozilla:firefox:3.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.1:::::::*
cpe:2.3:a:mozilla:firefox:3.0.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.2:::::::*
cpe:2.3:a:mozilla:firefox:3.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.3:::::::*
cpe:2.3:a:mozilla:firefox:3.0.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.4:::::::*
cpe:2.3:a:mozilla:firefox:3.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.5:::::::*
cpe:2.3:a:mozilla:firefox:3.0:alpha::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:alpha::::::
cpe:2.3:a:mozilla:firefox:3.0:beta2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta2::::::
cpe:2.3:a:mozilla:firefox:3.0:beta5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta5::::::
CVE-2009-0071		https://nvd.nist.gov/vuln/detail/CVE-2009-0071
GLSA-201301-01		https://security.gentoo.org/glsa/201301-01
OSVDB-52657;CVE-2009-0071	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8091.html

Reference id

Reference type

URL

http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0220.html

http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0223.html

http://archives.neohapsis.com/archives/fulldisclosure/2009-01/0224.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0071.json

https://api.first.org/data/v1/epss?cve=CVE-2009-0071

https://bugzilla.mozilla.org/show_bug.cgi?id=448329

https://bugzilla.mozilla.org/show_bug.cgi?id=456727

https://bugzilla.mozilla.org/show_bug.cgi?id=472507

https://www.exploit-db.com/exploits/8091

https://www.exploit-db.com/exploits/8219

http://www.securityfocus.com/bid/33154

cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*

CVE-2009-0071

https://nvd.nist.gov/vuln/detail/CVE-2009-0071

GLSA-201301-01

https://security.gentoo.org/glsa/201301-01

OSVDB-52657;CVE-2009-0071

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/8091.html

Data source	Exploit-DB
Date added	Feb. 22, 2009
Description	Mozilla Firefox 3.0.6 - BODY onload Remote Crash
Ransomware campaign use	Known
Source publication date	Feb. 23, 2009
Exploit type	dos
Platform	multiple

Exploit-DB

Feb. 22, 2009

Mozilla Firefox 3.0.6 - BODY onload Remote Crash

Known

Feb. 23, 2009

dos

multiple

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-j11w-ahdx-aaaj
Aliases	CVE-2009-0071
Summary	Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call. NOTE: it was later reported that 3.0.6 and 3.0.7 are also affected.
Status	Published
Exploitability	2.0
Weighted Severity	2.3
Risk	4.6
Affected and Fixed Packages	Package Details

Percentile	0.90709
EPSS Score	0.07151
Published At	March 28, 2025, 12:55 p.m.