QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0773

Published: Mar 5, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oval:org.mitre.oval:def:10491

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_REDHAT

SUSE-SA:2009:012

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

oval:org.mitre.oval:def:6708

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_VUPEN

FEDORA-2009-3101

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

SSA:2009-083-02

vendor-advisory

x_refsource_SLACKWARE

third-party-advisory

x_refsource_SECUNIA

http://www.mozilla.org/security/announce/2009/mfsa2009-07.html

x_refsource_CONFIRM

oval:org.mitre.oval:def:5856

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_MANDRIVA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.mozilla.org/show_bug.cgi?id=467499

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:5980

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_SECUNIA

https://bugzilla.mozilla.org/show_bug.cgi?id=457521

x_refsource_CONFIRM

https://bugzilla.mozilla.org/show_bug.cgi?id=472787

x_refsource_CONFIRM

SSA:2009-083-03

vendor-advisory

x_refsource_SLACKWARE

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_MANDRIVA

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:6141

vdb-entry

signature

x_refsource_OVAL

http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.