what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2009-0772

Status Candidate

Overview

The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection, which triggers memory corruption.

Related Files

Debian Linux Security Advisory 1830-1
Posted Jul 13, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1830-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0652, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776, CVE-2009-1302, CVE-2009-1303, CVE-2009-1307, CVE-2009-1832, CVE-2009-1392, CVE-2009-1836, CVE-2009-1838, CVE-2009-1841
SHA-256 | d38d0925be530057b4a2dd77a93a8ac127bd9272755d6b3ea0b274a052baaa14
Mandriva Linux Security Advisory 2009-083
Posted Apr 1, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-083 - A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21. This update provides the latest Thunderbird to correct these issues. Additionally, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architecture, would freeze whenever any Enigmail function was used. Also, when used on i586 architecture, Thunderbird would crash when sending an email, if a file with an unknown extension was attached to it. This update also fixes those issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776
SHA-256 | 8511d6a4698ceeef5b4163b72f2396b90cb854230c08895dc46332e0b785248e
Debian Linux Security Advisory 1751-1
Posted Mar 24, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1751-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0775, CVE-2009-0776
SHA-256 | 90b8cbef10d28f611a32644e63fc575909a9875bf20e92ba6d19fb38e9b5ba83
Ubuntu Security Notice 741-1
Posted Mar 20, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-741-1 - Several flaws were discovered in the browser engine. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird and possibly execute arbitrary code with user privileges. Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user had Javascript enabled, these problems could allow a remote attacker to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Thunderbird performed a cross-domain redirect. If a user had Javascript enabled, an attacker could bypass the same-origin policy in Thunderbird by utilizing nsIRDFService and steal private data from users authenticated to the redirected website.

tags | advisory, remote, denial of service, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2009-0352, CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
SHA-256 | 71df0c63229902bf45a99f841665304d7746f712c8283e344ef1a621a412203f
Mandriva Linux Security Advisory 2009-075
Posted Mar 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-075 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.7. This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. Additionally some software has also been rebuilt against Mozilla Firefox 3.0.7 which should take care of upgrade problems.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0040, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0775, CVE-2009-0776, CVE-2009-0777
SHA-256 | 6987be114011225d9a1bb7a9e1e2d6874e8225afa2e231184c2bdf3df29cf10c
Ubuntu Security Notice 728-3
Posted Mar 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-728-3 - Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
SHA-256 | 4ef712cf1de39e92be0d7f3064b1b4afcbf2ec90634bcc529138e0365648b262
Ubuntu Security Notice 728-2
Posted Mar 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-728-2 - Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
SHA-256 | dffc45bb28c639cb7e4f7b4a0bdee5e4e444bd9114ed36756540b6200046ea0b
Ubuntu Security Notice 728-1
Posted Mar 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-728-1 - Various vulnerabilities in Firefox have been addressed. The embedded libpng has been updated. Multiple flaws withing Firefox that could allow for denial of service or code execution have also been addressed.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2009-0040, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0775, CVE-2009-0776, CVE-2009-0777
SHA-256 | c72a8866a8c452171d24bdb7527cefc5961f5e5b9f79c17b1110d728395952b5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close