Computer Security

Security Advisory: Mozilla Foundation Security Advisory 2009-10
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Mozilla Firefox / Seamonkey / Thunderbird multiple security vulnerabilities

  ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift(
) Memory Corruption Vulnerability

  Mozilla Foundation Security Advisory 2009-12

  Mozilla Foundation Security Advisory 2009-13

  Mozilla Foundation Security Advisory 2009-11

From:MOZILLA
Date:06.03.2009
Subject:Mozilla Foundation Security Advisory 2009-10

Mozilla Foundation Security Advisory 2009-10

Title: Upgrade PNG library to fix memory safety hazards
Impact: Critical
Announced: March 4, 2009
Reporter: Glenn Randers-Pehrson
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.0.7
 Thunderbird 2.0.0.21
 SeaMonkey 1.1.15
Description

libpng maintainer Glenn Randers-Pehrson reported several memory safety hazards in PNG libraries used by Mozilla. These vulnerabilities could be used by a malicious website to crash a victim's browser and potentially execute arbitrary code on their computer. libpng was upgraded to a version which contained fixes for these flaws.
References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=478901
   * CVE-2009-0040

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru