Computer Security

CVE-2009-1837
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-1837
StatusUNKNOWN
DescriptionRace condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for memory associated with a destroyed Java object.
SeverityHigh
CVSS score9,3
CVSS vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
PhaseASSIGNED (21.08.2010)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1837
ReferencesBID : 35326
 BID : 35360
 BUGTRAQ : 20090612 Secunia Research: Mozilla Firefox Java Applet Loading Vulnerability
 CONFIRM : http://www.mozilla.org/security/announce/2009/mfsa...
 CONFIRM : https://bugzilla.mozilla.org/show_bug.cgi?id=486269
 CONFIRM : https://bugzilla.redhat.com/show_bug.cgi?id=503579
 DEBIAN : DSA-1820
 FEDORA : FEDORA-2009-6366
 FEDORA : FEDORA-2009-6411
 MISC : http://secunia.com/secunia_research/2009-19/
 OVAL : oval:org.mitre.oval:def:10628
 REDHAT : RHSA-2009:1095
 SECTRACK : 1022386
 SECUNIA : 34241
 SECUNIA : 35331
 SECUNIA : 35415
 SECUNIA : 35431
 SECUNIA : 35468
 SLACKWARE : SSA:2009-167-01
 SUNALERT : 264308
 VUPEN : ADV-2009-1572
SecurityVulns:Mozilla Firefox multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server