CVE-2009-2975

Metadata

CVE-2009-2975
5.0
archives.neohapsis.com, archives.neohapsis.com, archives.neohapsis.com, exchange.xforce.ibmcloud.com
2009-08-27
2017-08-17 06:09

Description

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cause a denial of service (memory consumption) via vectors involving a series of function calls that set this property, as demonstrated by (1) the chromehtml: protocol and (2) the aim: protocol.

Related Vulnerabilities

platform vulnerability
CVE-2009-2975 xulrunner