| CVE-2009-1833 | Date: (C)2009-06-12 (M)2024-02-09 |
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) js_LeaveSharpObject, (2) ParseXMLSource, and (3) a certain assertion in jsinterp.c; and other vectors.
CVSS Score and Metrics +CVSS Score and Metrics -| CVSS V2 Severity: |
| CVSS Score : 9.3 |
| Exploit Score: 8.6 |
| Impact Score: 10.0 |
| |
| CVSS V2 Metrics: |
| Access Vector: NETWORK |
| Access Complexity: MEDIUM |
| Authentication: NONE |
| Confidentiality: COMPLETE |
| Integrity: COMPLETE |
| Availability: COMPLETE |
| | |
