Showing 1 - 4 of 4

CVE-2009-1044

Status Candidate

Overview

Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.

Related Files

Mandriva Linux Security Advisory 2009-084: Posted Apr 1, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-084 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.8. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages requiring it have also been rebuilt and are being provided as updates.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2009-1044, CVE-2009-1169; SHA-256 | 7337027c6d9eab4a1b99091201ccfc3d20e82590fc265a2fca649cc8d927d330; Download | Favorite | View

Zero Day Initiative Advisory 09-015: Posted Mar 31, 2009; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 09-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the XUL tree method _moveToEdgeShift(). In some cases this call will trigger garbage collection routines on in use objects which will result in a future call to a dangling pointer. This can be leveraged to execute arbitrary code under the context of the current user.; tags | advisory, remote, arbitrary; advisories | CVE-2009-1044; SHA-256 | 3724f5c1eebf4bf4363f9863b128d77eea5832e13ed30fc3630b4dc48d27f13b; Download | Favorite | View

Debian Linux Security Advisory 1756-1: Posted Mar 30, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1756-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.; tags | advisory, remote, web, vulnerability; systems | linux, debian; advisories | CVE-2009-1169, CVE-2009-1044; SHA-256 | 25ae987122b9503b07f7231a697f4f52d1aa0dd70a0fbd140f45e0412035da2e; Download | Favorite | View

Ubuntu Security Notice 745-1: Posted Mar 30, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-745-1 - It was discovered that Firefox did not properly perform XUL garbage collection. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.04 LTS and 8.10. A flaw was discovered in the way Firefox performed XSLT transformations. If a user were tricked into opening a crafted XSL stylesheet, an attacker could cause a denial of service or execute arbitrary code with the privileges of the user invoking the program.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2009-1044, CVE-2009-1169; SHA-256 | 0163025e9b14eb8932b5e588c489caff43377a23cfbe2530118a9d37258afaa3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2009-1044

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems