CVE-2009-2477

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 3.5.1

Description The issue is related to the Just-in-time (JIT) JavaScript compiler, also known as TraceMonkey, in Mozilla Firefox. It allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations. This can be demonstrated by a document containing specific elements.

Recommendations For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue.