CVE-2009-1044

Related Files

Mandriva Linux Security Advisory 2009-084

Posted Apr 1, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-084 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.8. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages requiring it have also been rebuilt and are being provided as updates.

tags | advisory, vulnerability

systems | linux, mandriva

advisories | CVE-2009-1044, CVE-2009-1169

SHA-256 | 7337027c6d9eab4a1b99091201ccfc3d20e82590fc265a2fca649cc8d927d330

Download | Favorite | View

Zero Day Initiative Advisory 09-015

Posted Mar 31, 2009

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the XUL tree method _moveToEdgeShift(). In some cases this call will trigger garbage collection routines on in use objects which will result in a future call to a dangling pointer. This can be leveraged to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary

advisories | CVE-2009-1044

SHA-256 | 3724f5c1eebf4bf4363f9863b128d77eea5832e13ed30fc3630b4dc48d27f13b

Download | Favorite | View

Debian Linux Security Advisory 1756-1

Posted Mar 30, 2009

Authored by Debian | Site debian.org

Debian Security Advisory 1756-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability

systems | linux, debian

advisories | CVE-2009-1169, CVE-2009-1044

SHA-256 | 25ae987122b9503b07f7231a697f4f52d1aa0dd70a0fbd140f45e0412035da2e

Download | Favorite | View

Ubuntu Security Notice 745-1

Posted Mar 30, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-745-1 - It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2009-1044, CVE-2009-1169

SHA-256 | 0163025e9b14eb8932b5e588c489caff43377a23cfbe2530118a9d37258afaa3

Download | Favorite | View