Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-2462

Опубликовано: 22 июл. 2009
Источник: ubuntu
Приоритет: medium
CVSS2: 10

Описание

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

hardy

ignored

end of life
intrepid

DNE

jaunty

DNE

karmic

DNE

lucid

not-affected

maverick

not-affected

natty

not-affected

oneiric

not-affected

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

not-affected

3.0
hardy

ignored

end of life
intrepid

ignored

end of life, was needed
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

not-affected

3.0
maverick

not-affected

3.0
natty

not-affected

3.0
oneiric

not-affected

3.0

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

ignored

end of life
intrepid

ignored

end of life, was needed
jaunty

ignored

end of life
karmic

ignored

end of life
lucid

DNE

maverick

DNE

natty

DNE

oneiric

DNE

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

1.9.0.12+build1+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.12+build1+nobinonly-0ubuntu0.8.10.2
jaunty

released

1.9.0.12+build1+nobinonly-0ubuntu0.9.04.1
karmic

DNE

lucid

DNE

maverick

DNE

natty

DNE

oneiric

DNE

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

DNE

intrepid

DNE

jaunty

released

1.9.1.1+build1+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.1.1+build1+nobinonly-0ubuntu1
lucid

DNE

maverick

DNE

natty

DNE

oneiric

DNE

Показывать по

Ссылки на источники

10 Critical

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-2462

redhat
больше 16 лет назад

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.

nvd логотип

CVE-2009-2462

nvd
больше 16 лет назад

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.

debian логотип

CVE-2009-2462

debian
больше 16 лет назад

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird al ...

github логотип

GHSA-gphm-8f5h-pv33

github
больше 3 лет назад

The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.

fstec логотип

BDU:2015-01739

fstec
почти 11 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

10 Critical

CVSS2