CVE-2009-2478

Mozilla Firefox 3.5 - Denial of Service via Flash NULL Pointer Dereference


Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-2478. PoCs published by David Kennedy (ReL1K), Sberry.

AI-analyzed exploit summary: This exploit leverages a heap spray technique to achieve remote code execution in Firefox 3.5 by triggering a vulnerability in the browser's handling of JavaScript. It delivers a shellcode payload (encoded with Shikata Ga Nai) that binds a shell to port 5500.

Description

Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."

Exploits (2)

exploitdb WORKING POC VERIFIED
by David Kennedy (ReL1K) · python · remote · windows
https://www.exploit-db.com/exploits/9181

This exploit leverages a heap spray technique to achieve remote code execution in Firefox 3.5 by triggering a vulnerability in the browser's handling of JavaScript. It delivers a shellcode payload (encoded with Shikata Ga Nai) that binds a shell to port 5500.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Firefox 3.5
No auth needed
Prerequisites: Victim must visit the malicious HTTP server · Firefox 3.5 must be vulnerable to the heap spray technique
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Sberry · html · remote · windows
https://www.exploit-db.com/exploits/9137

This exploit leverages a heap spray technique to trigger a vulnerability in Firefox 3.5, executing arbitrary shellcode (calc.exe) via JavaScript. The PoC demonstrates memory corruption by spraying the heap with NOP sleds and shellcode, then manipulating DOM elements to achieve code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Racy
Target: Mozilla Firefox 3.5
No auth needed
Prerequisites: Victim must visit a malicious webpage using Firefox 3.5
devstral-2 · analyzed Feb 18, 2026

References (3)

Core References
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=502648
Vendor Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html

Scores

EPSS 0.0781
EPSS Percentile 93.9%

Details

CWE: CWE-189
Status: published
Products (1): mozilla/firefox 3.5
Published: Jul 16, 2009
Tracked Since: Feb 18, 2026