Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21429
HistoryMar 06, 2009 - 12:00 a.m.

Mozilla Foundation Security Advisory 2009-10

2009-03-0600:00:00
vulners.com
19

Mozilla Foundation Security Advisory 2009-10

Title: Upgrade PNG library to fix memory safety hazards
Impact: Critical
Announced: March 4, 2009
Reporter: Glenn Randers-Pehrson
Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.0.7
Thunderbird 2.0.0.21
SeaMonkey 1.1.15
Description

libpng maintainer Glenn Randers-Pehrson reported several memory safety hazards in PNG libraries used by Mozilla. These vulnerabilities could be used by a malicious website to crash a victim's browser and potentially execute arbitrary code on their computer. libpng was upgraded to a version which contained fixes for these flaws.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=478901
* CVE-2009-0040
Related for SECURITYVULNS:DOC:21429