Vulnerability Name:

CVE-2009-0071 (CCN-47872)

Assigned:2008-09-24
Published:2008-09-24
Updated:2017-09-29
Summary:Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a certain (a) replaceChild or (b) removeChild call, followed by a (1) queryCommandValue, (2) queryCommandState, or (3) queryCommandIndeterm call.
Note: it was later reported that 3.0.6 and 3.0.7 are also affected.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
2.0 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
2.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: FULLDISC
Type: UNKNOWN
20090107 Firefox 3.0.5 remote vulnerability via queryCommandState

Source: FULLDISC
Type: UNKNOWN
20090107 Re: Firefox 3.0.5 remote vulnerability via queryCommandState

Source: FULLDISC
Type: UNKNOWN
20090107 Re: Firefox 3.0.5 remote vulnerability via queryCommandState

Source: MITRE
Type: CNA
CVE-2009-0071

Source: CCN
Type: Mozilla Web site
Firefox web browser | Faster, more secure, & customizable

Source: CCN
Type: OSVDB ID: 52657
Mozilla Firefox designMode Functionality queryCommand* Calls Remote DoS

Source: BID
Type: Exploit
33154

Source: CCN
Type: BID-33154
Mozilla Firefox 'designMode' Null Pointer Dereference Denial of Service Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=448329

Source: CCN
Type: Bugzilla@Mozilla - Bug 456727
Bug 456727 - document designMode on, replace/delete HTML tag, queryCommand*('backcolor'); causes NULL pointer

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=456727

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=472507

Source: XF
Type: UNKNOWN
firefox-designmode-dos(47872)

Source: EXPLOIT-DB
Type: UNKNOWN
8091

Source: EXPLOIT-DB
Type: UNKNOWN
8219

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20090071
    V
    		CVE-2009-0071
    2022-05-20
    oval:org.opensuse.security:def:31300
    P
    		Security update for MozillaFirefox (Important)
    2021-11-17
    oval:org.opensuse.security:def:31168
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:31748
    P
    		Security update for openssl (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:31692
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31083
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:35614
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31082
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:42021
    P
    		mozilla-xulrunner190-1.9.0.19-0.1.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25844
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31449
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25241
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32579
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25450
    P
    		Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26579
    P
    		libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31797
    P
    		Recommended update for NetworkManager-kde4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25591
    P
    		Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25165
    P
    		Security update for squid (Important)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:25795
    P
    		Security update for kernel-source (Important)
    2020-12-01
    oval:org.opensuse.security:def:31392
    P
    		Security update for pam-modules (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25177
    P
    		Security update for mariadb-connector-c (Important)
    2020-12-01
    oval:org.opensuse.security:def:32540
    P
    		krb5-doc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25883
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31536
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25369
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25941
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25507
    P
    		Security update for git (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31094
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26614
    P
    		mozilla-xulrunner190 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:25742
    P
    		Security update for ceph (Important)
    2020-12-01
    oval:org.opensuse.security:def:25166
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31902
    P
    		Security update for MozillaFirefox, mozilla-nss (Important)
    2020-12-01
    BACK
    mozilla firefox 3.0
    mozilla firefox 3.0 alpha
    mozilla firefox 3.0 beta2
    mozilla firefox 3.0 beta5
    mozilla firefox 3.0.1
    mozilla firefox 3.0.2
    mozilla firefox 3.0.3
    mozilla firefox 3.0.4
    mozilla firefox 3.0.5
    mozilla firefox 3.0
    mozilla firefox 3.0.1
    mozilla firefox 3.0.3
    mozilla firefox 3.0.2
    mozilla firefox 3.0.4
    mozilla firefox 3.0.5