cpe:/a:mozilla:firefox:3.0 cpe:/a:mozilla:firefox:3.0:alpha cpe:/a:mozilla:firefox:3.0:beta2 cpe:/a:mozilla:firefox:3.0:beta5 cpe:/a:mozilla:firefox:3.0.1 cpe:/a:mozilla:firefox:3.0.2 cpe:/a:mozilla:firefox:3.0.3 cpe:/a:mozilla:firefox:3.0.4 cpe:/a:mozilla:firefox:3.0.5 cpe:/a:mozilla:firefox:3.0.6 cpe:/a:mozilla:firefox:3.0.7 cpe:/a:mozilla:firefox:3.0.8 cpe:/a:mozilla:firefox:3.0.9 cpe:/a:mozilla:firefox:3.0.10 CVE-2009-1837 2009-06-12T17:30:00.360-04:00 2017-09-28T21:34:36.263-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-06-15T14:40:00.000-04:00 SECTRACK 1022386 BUGTRAQ 20090612 Secunia Research: Mozilla Firefox Java Applet Loading Vulnerability SUNALERT 264308 SECUNIA 34241 BID 35326 SECUNIA 35331 BID 35360 SECUNIA 35415 SECUNIA 35431 SECUNIA 35468 VUPEN ADV-2009-1572 DEBIAN DSA-1820 FEDORA FEDORA-2009-6366 FEDORA FEDORA-2009-6411 REDHAT RHSA-2009:1095 SLACKWARE SSA:2009-167-01 MISC http://secunia.com/secunia_research/2009-19/ CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-28.html CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=486269 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=503579 Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.