CVE-2009-3373

Firefox < 3.0.15 and 3.5.x < 3.5.4 - Remote Code Execution via GIF Image Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3373. PoCs published by regenrecht.

AI-analyzed exploit summary: The provided text describes a heap-based buffer overflow vulnerability in Mozilla Firefox and SeaMonkey, which can be exploited via a malicious webpage to achieve arbitrary code execution or DoS. No actual exploit code is present in the snippet.

Description

Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED
by regenrecht · text · remote · linux
https://www.exploit-db.com/exploits/33313

Classification: Writeup 90%
Attack Type: RCE | DoS
Complexity: Moderate
Reliability: Theoretical
Target: Mozilla Firefox and SeaMonkey (versions affected by CVE-2009-3373)
No auth needed
Prerequisites: Victim must visit a malicious webpage
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2009/mfsa2009-56.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=511689
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6548
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3334
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294

Scores

EPSS 0.1552
EPSS Percentile 96.4%

Details

CWE: CWE-119
Status: published
Products (43)
mozilla/firefox 3.0 (4 CPE variants)
mozilla/firefox 3.0.1
mozilla/firefox 3.0.2
mozilla/firefox 3.0.3
mozilla/firefox 3.0.4
mozilla/firefox 3.0.5
mozilla/firefox 3.0.6
mozilla/firefox 3.0.7
mozilla/firefox 3.0.8
mozilla/firefox 3.0.9
... and 33 more
Published Oct 29, 2009
Tracked Since Feb 18, 2026