CVE-2009-3374

Firefox 3.0.x-3.0.14 and 3.5.x-3.5.3 - Remote Code Execution via XPCVariant::VariantDataToJS

Title source: llm
STIX 2.1

Description

The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote web sites, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via unspecified method calls, related to "doubly-wrapped objects."

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9789
Vendor Advisory vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=505988
Patch, Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2009/mfsa2009-57.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6565
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3334
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294

Scores

EPSS 0.0198
EPSS Percentile 78.3%

Details

CWE
CWE-264
Status published
Products (17)
mozilla/firefox 3.0 beta5
mozilla/firefox 3.0.1
mozilla/firefox 3.0.2
mozilla/firefox 3.0.3
mozilla/firefox 3.0.4
mozilla/firefox 3.0.5
mozilla/firefox 3.0.6
mozilla/firefox 3.0.7
mozilla/firefox 3.0.8
mozilla/firefox 3.0.9
... and 7 more
Published Oct 29, 2009
Tracked Since Feb 18, 2026