CVE-2009-2479

CVE-2009-2479 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.