[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1751 xulrunner -- several vulnerabilities

ID: oval:org.mitre.oval:def:7990Date: (C)2009-12-15   (M)2017-11-27
Class: PATCHFamily: unix




Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems: Martijn Wargers, Jesse Ruderman and Josh Soref discovered crashes in the layout engine, which might allow the execution of arbitrary code. Jesse Ruderman discovered crashes in the layout engine, which might allow the execution of arbitrary code. Gary Kwong, and Timothee Groleau discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. It was discovered that incorrect memory management in the DOM element handling may lead to the execution of arbitrary code. Georgi Guninski discovered a violation of the same-origin policy through RDFXMLDataSource and cross-domain redirects. As indicated in the Etch release notes, security support for the Mozilla products in the oldstable distribution needed to be stopped before the end of the regular Etch security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a still supported browser.

Platform:
Debian 5.0
Product:
xulrunner
Reference:
DSA-1751
CVE-2009-0771
CVE-2009-0772
CVE-2009-0773
CVE-2009-0774
CVE-2009-0775
CVE-2009-0776
CVE    6
CVE-2009-0775
CVE-2009-0774
CVE-2009-0773
CVE-2009-0772
...
CPE    1
cpe:/o:debian:debian_linux:5.x

© 2013 SecPod Technologies