CVE-2009-0071

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.0.5 and earlier 3.0.x Mozilla Firefox versions 3.0.6 and 3.0.7

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash. This can be achieved through specific function calls, including replaceChild or removeChild, followed by queryCommandValue, queryCommandState, or queryCommandIndeterm calls, when designMode is enabled.

Recommendations For Mozilla Firefox versions 3.0.5 and earlier 3.0.x, consider disabling the designMode feature to prevent exploitation until a patch is available. For Mozilla Firefox versions 3.0.6 and 3.0.7, consider disabling the designMode feature to prevent exploitation until a patch is available.