Back to search
CVE-2009-3389
Published: Dec 17, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
39317
third-party-advisory
x_refsource_SECUNIA
37699
third-party-advisory
x_refsource_SECUNIA
http://www.mozilla.org/security/announce/2009/mfsa2009-67.html
x_refsource_CONFIRM
oval:org.mitre.oval:def:7967
vdb-entry
signature
x_refsource_OVAL
ADV-2009-3547
vdb-entry
x_refsource_VUPEN
https://bugzilla.mozilla.org/show_bug.cgi?id=515882
x_refsource_CONFIRM
37881
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-13362
vendor-advisory
x_refsource_FEDORA
37785
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2010:013
vendor-advisory
x_refsource_SUSE
USN-874-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2009-13333
vendor-advisory
x_refsource_FEDORA
mozilla-theora-bo(54805)
vdb-entry
x_refsource_XF
37349
vdb-entry
x_refsource_BID
SUSE-SR:2010:008
vendor-advisory
x_refsource_SUSE
FEDORA-2009-13366
vendor-advisory
x_refsource_FEDORA
http://www.theora.org/news/#libtheora-1.1.0
x_refsource_MISC
MDVSA-2010:043
vendor-advisory
x_refsource_MANDRIVA
37856
third-party-advisory
x_refsource_SECUNIA
37368
vdb-entry
x_refsource_BID
https://bugzilla.mozilla.org/show_bug.cgi?id=504613
x_refsource_CONFIRM
SUSE-SA:2009:063
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now