CVE-2009-2664 : The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Moz

The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13.

Published 2009-08-04 16:30:01

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute codeDenial of service

Products affected by CVE-2009-2664

Mozilla » Firefox
Versions up to, including, (<=) 3.5.1
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.5
cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0
cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.11
cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.10
cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.7
cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.8
cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.12
cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.6
cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.1
cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.3
cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.9
cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.4
cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.0.2
cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 3.5
cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.2
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.1
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.8
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9.3
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9 Update RC
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.10.1
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.10
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.1
cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.1
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.2
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.3
cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.4
cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.5
cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 Update RC3
cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.6
cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5 Update Beta1
cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.6 Linux Edition
cpe:2.3:a:mozilla:firefox:1.0.6:*:linux:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5 Update Beta2
cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.7
cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5
cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.2
cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.3
cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0.8
cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.3
cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.1
cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.2
cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.4
cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.5
cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.6
cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.8
cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.6
cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.7
cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.4
cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.5
cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 Update Beta 1
cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.7
cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0
cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.8
cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.1
cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.3
cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.4
cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.6.1
cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.1
cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.2
cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.12
cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.7
cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.7.1
cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.4.1
cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.0 Update Preview Release
cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.10
cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.5
cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.6
cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.11
cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 Update RC2
cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.5.0.9
cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 0.9 Rc
cpe:2.3:a:mozilla:firefox:0.9_rc:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.2
cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 1.8
cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.6
cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.5
cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.4
cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.3
cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.7
cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.10
cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.11
cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.8
cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.9
cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 Update Beta1
cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.13
cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.14
cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.15
cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.12
cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .1
cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .10
cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .6
cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .9
cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 8
cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .7
cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .4
cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0 .5
cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.16
cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.17
cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.19
cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.18
cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.20
cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
Matching versions
Mozilla » Firefox » Version: 2.0.0.21
cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2009-2664

EPSS FAQ

3.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 85 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-2664

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2009-2664

CWE-399

Assigned by: nvd@nist.gov (Primary)

References for CVE-2009-2664

http://secunia.com/advisories/36126

About Secunia Research | Flexera

CVEs referencing this url
http://www.securityfocus.com/bid/35927

CVEs referencing this url
http://www.mozilla.org/security/announce/2009/mfsa2009-45.html

Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13) — Mozilla
Patch;Vendor Advisory

CVEs referencing this url
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00198.html

[SECURITY] Fedora 11 Update: firefox-3.5.2-2.fc11

CVEs referencing this url
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1

CVEs referencing this url
https://bugzilla.mozilla.org/show_bug.cgi?id=501270
https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00261.html

[SECURITY] Fedora 10 Update: firefox-3.0.13-1.fc10

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9806
http://www.vupen.com/english/advisories/2009/2142

Site en construction
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2009-2664

Products affected by CVE-2009-2664

Exploit prediction scoring system (EPSS) score for CVE-2009-2664

CVSS scores for CVE-2009-2664

CWE ids for CVE-2009-2664

References for CVE-2009-2664