FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-2470

This CVE name corresponds to:

Entered Topic
2009-08-04 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2009-2470
Phase Assigned(20090715)

Description

Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.

References

Source Reference
CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-38.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=459524
FEDORA FEDORA-2009-8279
FEDORA FEDORA-2009-8288
REDHAT RHSA-2010:0153
REDHAT RHSA-2010:0154
SUNALERT 266148
BID 35925
OVAL oval:org.mitre.oval:def:10197
SECTRACK 1022665
SECUNIA 36126
VUPEN ADV-2009-2142
VUPEN ADV-2010-0650
XF firefox-socks5-dos(52252)