CVE-2009-0821

Mozilla Firefox <2.0.0.20 - DoS

Title source: llm

Description

Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print function, as demonstrated by a window.print(window.print()) in the onclick attribute of an INPUT element.

Exploits (1)

exploitdb WORKING POC VERIFIED

by b3hz4d · htmldosmultiple

https://www.exploit-db.com/exploits/32836

View Code ZIP pw:eip

References (2)

[Exploit] http://downloads.securityfocus.com/vulnerabilities/exploits/33969.html

[Exploit] http://www.securityfocus.com/bid/33969

Scores

EPSS 0.0591

EPSS Percentile 90.6%

Details

CWE

CWE-399

Status published

Products (45)

mozilla/firefox 0.1

mozilla/firefox 0.2

mozilla/firefox 0.3

mozilla/firefox 0.4

mozilla/firefox 0.5

mozilla/firefox 0.6

mozilla/firefox 0.6.1

mozilla/firefox 0.7

mozilla/firefox 0.7.1

mozilla/firefox 0.8

... and 35 more

Published Mar 05, 2009

Tracked Since Feb 18, 2026