Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cause a denial of service (memory consumption) via vectors involving a series of function calls that set this property, as demonstrated by (1) the chromehtml: protocol and (2) the aim: protocol.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-08-27T17:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2009-08-27T00:00:00
Link: CVE-2009-2975
JSON object: View
NVD Information
Status : Modified
Published: 2009-08-27T17:30:00.343
Modified: 2017-08-17T01:30:59.553
Link: CVE-2009-2975
JSON object: View
Redhat Information
No data.
CWE