{
  "threat_severity" : "Critical",
  "public_date" : "2009-09-09T00:00:00Z",
  "bugzilla" : {
    "description" : "Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter",
    "id" : "521695",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=521695"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "release_date" : "2009-09-09T00:00:00Z",
    "advisory" : "RHSA-2009:1430",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4",
    "package" : "firefox-0:3.0.14-1.el4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 4",
    "release_date" : "2009-09-09T00:00:00Z",
    "advisory" : "RHSA-2009:1430",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4",
    "package" : "nspr-0:4.7.5-1.el4_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2009-09-09T00:00:00Z",
    "advisory" : "RHSA-2009:1430",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:3.0.14-1.el5_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2009-09-09T00:00:00Z",
    "advisory" : "RHSA-2009:1430",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "nspr-0:4.7.5-1.el5_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2009-09-09T00:00:00Z",
    "advisory" : "RHSA-2009:1430",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "xulrunner-0:1.9.0.14-1.el5_4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2009-3079\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-3079" ],
  "name" : "CVE-2009-3079",
  "csaw" : false
}