FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-1833

This CVE name corresponds to:

Entered	Topic
2009-06-12	mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2009-1833 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2009-1833
Phase	Assigned(20090529)

Description

The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) js_LeaveSharpObject, (2) ParseXMLSource, and (3) a certain assertion in jsinterp.c; and other vectors.

References

Source	Reference
CONFIRM	http://www.mozilla.org/security/announce/2009/mfsa2009-24.html
CONFIRM	https://bugzilla.mozilla.org/show_bug.cgi?id=369696
CONFIRM	https://bugzilla.mozilla.org/show_bug.cgi?id=426520
CONFIRM	https://bugzilla.mozilla.org/show_bug.cgi?id=427196
CONFIRM	https://bugzilla.mozilla.org/show_bug.cgi?id=487204
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=503570
DEBIAN	DSA-1820
FEDORA	FEDORA-2009-6366
FEDORA	FEDORA-2009-6411
MANDRIVA	MDVSA-2009:141
REDHAT	RHSA-2009:1095
REDHAT	RHSA-2009:1096
REDHAT	RHSA-2009:1125
REDHAT	RHSA-2009:1126
SLACKWARE	SSA:2009-167-01
SLACKWARE	SSA:2009-176-01
SLACKWARE	SSA:2009-178-01
SUNALERT	265068
SUNALERT	1020800
UBUNTU	USN-782-1
BID	35326
BID	35372
OSVDB	55152
OSVDB	55153
OSVDB	55154
OVAL	oval:org.mitre.oval:def:11487
SECTRACK	1022376
SECTRACK	1022397
SECUNIA	35331
SECUNIA	35428
SECUNIA	35431
SECUNIA	35439
SECUNIA	35440
SECUNIA	35468
SECUNIA	35536
SECUNIA	35415
SECUNIA	35561
SECUNIA	35602
VUPEN	ADV-2009-1572
VUPEN	ADV-2009-2152