Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22200
HistoryJul 22, 2009 - 12:00 a.m.

Mozilla Foundation Security Advisory 2009-37

2009-07-2200:00:00
vulners.com
17
JSON

Mozilla Foundation Security Advisory 2009-37

Title: Crash and remote code execution using watch and defineSetter on SVG element
Impact: Critical
Announced: July 21, 2009
Reporter: PenPal
Products: Firefox

Fixed in: Firefox 3.5
Firefox 3.0.12
Description

Security researcher PenPal reported a crash involving a SVG element on which a watch function and defineSetter function have been set for a particular property. The crash showed evidence of memory corruption and could potentially be used by an attacker to run arbitrary code on a victim's computer.
Workaround

Disable JavaScript until a version containing these fixes can be installed.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=488995
* CVE-2009-2469

Related

cve 1
checkpoint_advisories 1
veracode 1
ubuntucve 1
prion 1
mozilla 1
openvas 26
ubuntu 1
nessus 16
fedora 18
osv 1
debian 1
suse 2
securityvulns 1
oraclelinux 1
seebug 1
redhat 1
centos 1
rosalinux 1
gentoo 1
cve
cve
CVE-2009-2469
2009-07-22 18:30:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox SVG Element Processing Memory Corruption (CVE-2009-2469)
2010-03-04 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:36:33
ubuntucve
ubuntucve
CVE-2009-2469
2009-07-22 00:00:00
prion
prion
Memory corruption
2009-07-22 18:30:00
mozilla
mozilla
Crash and remote code execution using watch and __defineSetter__ on SVG element — Mozilla
2009-07-21 00:00:00
openvas
openvas
Mozilla Firefox Multiple Vulnerabilities July-09 (Linux)
2009-07-23 00:00:00
Mozilla Firefox Multiple Vulnerabilities July-09 (Linux)
2009-07-23 00:00:00
Ubuntu USN-798-1 (xulrunner-1.9)
2009-07-29 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-07-22 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-798-1)
2009-07-23 00:00:00
Scientific Linux Security Update : firefox on SL5.x i386/x86_64
2012-08-01 00:00:00
Scientific Linux Security Update : firefox on SL4.x i386/x86_64
2012-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: gecko-sharp2-0.13-10.fc10
2009-07-23 19:14:52
[SECURITY] Fedora 10 Update: evolution-rss-0.1.2-8.fc10
2009-07-23 19:14:52
[SECURITY] Fedora 10 Update: pcmanx-gtk2-0.3.8-11.fc10
2009-07-23 19:14:52
osv
osv
xulrunner - several vulnerabilities
2009-07-23 00:00:00
debian
debian
[SECURITY] [DSA 1840-1] New xulrunner packages fix several vulnerabilities
2009-07-23 10:30:34
suse
suse
remote code execution in MozillaFirefox
2009-07-27 13:06:57
remote code execution in MozillaFirefox
2009-08-06 11:30:16
securityvulns
securityvulns
Multiple Mozilla Firefox security vulnerabilities
2009-07-22 00:00:00
oraclelinux
oraclelinux
firefox security update
2009-07-22 00:00:00
seebug
seebug
Mozilla Firefox MFSA存在多个安全漏洞
2009-07-24 00:00:00
redhat
redhat
(RHSA-2009:1162) Critical: firefox security update
2009-07-21 00:00:00
centos
centos
firefox, xulrunner security update
2009-07-28 12:22:37
rosalinux
rosalinux
Advisory ROSA-SA-2024-2370
2024-03-12 08:35:15
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
JSON
Related for SECURITYVULNS:DOC:22200
cve1checkpoint_advisories1veracode1ubuntucve1prion1mozilla1openvas26ubuntu1nessus16fedora18osv1debian1suse2securityvulns1oraclelinux1seebug1redhat1centos1rosalinux1gentoo1