Search for vulnerabilities
Vulnerability details: VCID-wdyw-kubz-t3dv
Vulnerability ID VCID-wdyw-kubz-t3dv
Aliases CVE-2009-2663
Summary Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
epss 0.02632 https://api.first.org/data/v1/epss?cve=CVE-2009-2663
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2009-45
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2009-63
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2663.json
https://api.first.org/data/v1/epss?cve=CVE-2009-2663
516259 https://bugzilla.redhat.com/show_bug.cgi?id=516259
540958 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540958
CVE-2009-2663 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663
mfsa2009-45 https://www.mozilla.org/en-US/security/advisories/mfsa2009-45
mfsa2009-63 https://www.mozilla.org/en-US/security/advisories/mfsa2009-63
RHSA-2009:1219 https://access.redhat.com/errata/RHSA-2009:1219
USN-825-1 https://usn.ubuntu.com/825-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.85124
EPSS Score 0.02632
Published At Aug. 8, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:10:40.960382+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2009/mfsa2009-63.md 37.0.0