CVE-2009-3980

Related Files

Mandriva Linux Security Advisory 2009-339

Posted Dec 22, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-339 - Security issues were identified and fixed in Firefox 3.0.x. These include multiple unspecified vulnerabilities as well as memory corruption issues.

tags | advisory, vulnerability

systems | linux, mandriva

advisories | CVE-2009-3979, CVE-2009-3980, CVE-2009-3981, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986, CVE-2009-3987

SHA-256 | 06915cef15d98b90ecc13511e6cf2f4cb0b21ccd16512646a4af384606c37067

Download | Favorite | View

Mandriva Linux Security Advisory 2009-338

Posted Dec 22, 2009

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-338 - Security issues were identified and fixed in Firefox 3.5.x. These include denial of service, code execution, integer overflows, and more.

tags | advisory, denial of service, overflow, code execution

systems | linux, mandriva

advisories | CVE-2009-3388, CVE-2009-3389, CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986, CVE-2009-3987

SHA-256 | 9cc7efa925a6bb9208535359b11a52745232675dc023425cf0797df51d561d00

Download | Favorite | View

Ubuntu Security Notice 874-1

Posted Dec 21, 2009

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 874-1 - Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary, spoof, javascript

systems | linux, ubuntu

advisories | CVE-2009-3388, CVE-2009-3389, CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986

SHA-256 | 4ce1761d16df1c6ee9f51786f7a5bcc1315bd2c5e16f07360499c7f71471f4ab

Download | Favorite | View