Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2009-1232

Mozilla Firefox 3.0.8 and earlier 3.0.x versions allows remote attackers to cause a denial of service (memory corruption) via an XML document composed of a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 3.0.10 and earlier are also affected.

  • Published: Apr 2, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-1232
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
mozilla / firefox 3.0.7 3.0.7.x
mozilla / firefox 3.0.8 3.0.8.x
mozilla / firefox 3.0.4 3.0.4.x
mozilla / firefox 3.0.5 3.0.5.x
mozilla / firefox 3.0-beta2 3.0-beta2.x
mozilla / firefox 3.0.3 3.0.3.x
mozilla / firefox 3.0.6 3.0.6.x
mozilla / firefox 3.0 3.0.x
mozilla / firefox 3.0.1 3.0.1.x
mozilla / firefox 3.0.2 3.0.2.x
mozilla / firefox 3.0-beta5 3.0-beta5.x
mozilla / firefox 3.0-alpha 3.0-alpha.x