CVE-2009-1571

N/A Unknown
Published: February 22, 2010 Modified: April 29, 2026
View on NVD

Description

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory situations.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html
Source: PSIRT-CNA@flexerasoftware.com
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html
Source: PSIRT-CNA@flexerasoftware.com
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html
Source: PSIRT-CNA@flexerasoftware.com
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html
Source: PSIRT-CNA@flexerasoftware.com
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html
Source: PSIRT-CNA@flexerasoftware.com
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html
Source: PSIRT-CNA@flexerasoftware.com
http://secunia.com/advisories/37242
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
http://secunia.com/advisories/38770
Source: PSIRT-CNA@flexerasoftware.com
http://secunia.com/advisories/38772
Source: PSIRT-CNA@flexerasoftware.com
http://secunia.com/advisories/38847
Source: PSIRT-CNA@flexerasoftware.com
http://secunia.com/secunia_research/2009-45/
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
http://www.debian.org/security/2010/dsa-1999
Source: PSIRT-CNA@flexerasoftware.com
http://www.mandriva.com/security/advisories?name=MDVSA-2010:042
Source: PSIRT-CNA@flexerasoftware.com
http://www.mandriva.com/security/advisories?name=MDVSA-2010:051
Source: PSIRT-CNA@flexerasoftware.com
http://www.mozilla.org/security/announce/2010/mfsa2010-03.html
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0112.html
Source: PSIRT-CNA@flexerasoftware.com
http://www.redhat.com/support/errata/RHSA-2010-0113.html
Source: PSIRT-CNA@flexerasoftware.com
http://www.redhat.com/support/errata/RHSA-2010-0153.html
Source: PSIRT-CNA@flexerasoftware.com
http://www.redhat.com/support/errata/RHSA-2010-0154.html
Source: PSIRT-CNA@flexerasoftware.com
http://www.securityfocus.com/archive/1/509585/100/0/threaded
Source: PSIRT-CNA@flexerasoftware.com
http://www.ubuntu.com/usn/USN-895-1
Source: PSIRT-CNA@flexerasoftware.com
http://www.ubuntu.com/usn/USN-896-1
Source: PSIRT-CNA@flexerasoftware.com
http://www.vupen.com/english/advisories/2010/0405
Source: PSIRT-CNA@flexerasoftware.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0650
Source: PSIRT-CNA@flexerasoftware.com
https://bugzilla.mozilla.org/show_bug.cgi?id=526500
Source: PSIRT-CNA@flexerasoftware.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/56361
Source: PSIRT-CNA@flexerasoftware.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11227
Source: PSIRT-CNA@flexerasoftware.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8615
Source: PSIRT-CNA@flexerasoftware.com
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035346.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035367.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035426.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036097.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036132.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/37242
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/38770
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38772
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38847
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/secunia_research/2009-45/
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.debian.org/security/2010/dsa-1999
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2010:042
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2010:051
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mozilla.org/security/announce/2010/mfsa2010-03.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0112.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2010-0113.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2010-0153.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2010-0154.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/509585/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-895-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-896-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2010/0405
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/0650
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.mozilla.org/show_bug.cgi?id=526500
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/56361
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11227
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8615
Source: af854a3a-2127-422b-91ae-364da2661108

56 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.1%
92th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-94

Affected Vendors

mozilla

Related CVEs

CVE-2026-40137 6.1
CVE-2026-40136 4.3
CVE-2026-40135 6.5
CVE-2026-40134 4.3
CVE-2026-40133 6.3