Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2009:0397
HistoryMar 27, 2009 - 12:00 a.m.

(RHSA-2009:0397) Critical: firefox security update

2009-03-2700:00:00
access.redhat.com
38

EPSS

0.96

Percentile

99.5%

JSON

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

A memory corruption flaw was discovered in the way Firefox handles XML
files containing an XSLT transform. A remote attacker could use this flaw
to crash Firefox or, potentially, execute arbitrary code as the user
running Firefox. (CVE-2009-1169)

A flaw was discovered in the way Firefox handles certain XUL garbage
collection events. A remote attacker could use this flaw to crash Firefox
or, potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-1044)

For technical details regarding these flaws, refer to the Mozilla security
advisories. You can find a link to the Mozilla advisories in the References
section of this errata.

Firefox users should upgrade to these updated packages, which resolve these
issues. For Red Hat Enterprise Linux 4, they contain backported patches to
the firefox package. For Red Hat Enterprise Linux 5, they contain
backported patches to the xulrunner packages. After installing the update,
Firefox must be restarted for the changes to take effect.

Related

fedora 58
nessus 24
debian 2
openvas 51
ubuntu 1
centos 3
oraclelinux 2
redhat 1
suse 2
osv 1
checkpoint_advisories 4
prion 2
nvd 2
seebug 3
securityvulns 4
ubuntucve 2
mozilla 2
cve 2
zdi 1
veracode 2
cvelist 2
exploitdb 1
gentoo 1
fedora
fedora
[SECURITY] Fedora 9 Update: epiphany-2.22.2-9.fc9
2009-03-28 01:24:44
[SECURITY] Fedora 9 Update: totem-2.23.2-13.fc9
2009-03-28 17:24:32
[SECURITY] Fedora 9 Update: firefox-3.0.8-1.fc9
2009-03-28 01:24:44
nessus
nessus
Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : firefox, firefox-3.0, xulrunner-1.9 vulnerabilities (USN-745-1)
2009-04-23 00:00:00
CentOS 3 : seamonkey (CESA-2009:0398)
2009-03-30 00:00:00
Firefox < 3.0.8 Multiple Vulnerabilities
2009-03-30 00:00:00
debian
debian
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities
2009-03-29 18:03:00
[SECURITY] [DSA 1756-1] New xulrunner packages fix multiple vulnerabilities
2009-03-29 18:03:00
openvas
openvas
CentOS Update for seamonkey CESA-2009:0398-01 centos2 i386
2011-08-09 00:00:00
Fedora Core 9 FEDORA-2009-3099 (firefox)
2009-04-06 00:00:00
Mandrake Security Advisory MDVSA-2009:084 (firefox)
2009-04-06 00:00:00
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-03-28 00:00:00
centos
centos
seamonkey security update
2009-03-28 14:45:12
firefox, xulrunner security update
2009-04-09 17:48:16
seamonkey security update
2009-03-30 22:53:22
oraclelinux
oraclelinux
firefox security update
2009-03-29 00:00:00
seamonkey security update
2009-03-29 00:00:00
redhat
redhat
(RHSA-2009:0398) Critical: seamonkey security update
2009-03-27 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-04-20 12:00:48
remote code execution in MozillaFirefox
2009-04-20 12:01:40
osv
osv
xulrunner - multiple vulnerabilities
2009-03-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)
2014-03-31 00:00:00
Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)
2014-03-31 00:00:00
Mozilla Firefox XSL Transformation Memory Corruption - Ver2 (CVE-2009-1169)
2015-03-26 00:00:00
prion
prion
Design/Logic Flaw
2009-03-23 14:19:00
Code injection
2009-03-27 00:30:00
nvd
nvd
CVE-2009-1044
2009-03-23 14:19:12
CVE-2009-1169
2009-03-27 00:30:00
seebug
seebug
Mozilla Firefox '_moveToEdgeShift' 远程代码执行漏洞
2009-04-04 00:00:00
Firefox _moveToEdgeShift方式远程代码执行漏洞
2009-04-01 00:00:00
Firefox XSL解析root XML标签内存破坏漏洞
2009-04-01 00:00:00
securityvulns
securityvulns
ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift&#40;&#41; Memory Corruption Vulnerability
2009-04-01 00:00:00
Mozilla Foundation Security Advisory 2009-12
2009-04-01 00:00:00
Mozilla Foundation Security Advisory 2009-13
2009-04-01 00:00:00
ubuntucve
ubuntucve
CVE-2009-1044
2009-03-27 00:00:00
CVE-2009-1169
2009-03-27 00:00:00
mozilla
mozilla
Arbitrary code execution via XUL tree element — Mozilla
2009-03-27 00:00:00
XSL Transformation vulnerability — Mozilla
2009-03-27 00:00:00
cve
cve
CVE-2009-1044
2009-03-23 14:19:12
CVE-2009-1169
2009-03-27 00:30:00
zdi
zdi
Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability
2009-03-30 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:20
Arbitrary Code Execution
2020-04-10 00:31:20
cvelist
cvelist
CVE-2009-1169
2009-03-27 00:00:00
CVE-2009-1044
2009-03-23 14:00:00
exploitdb
exploitdb
Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1)
2009-03-25 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00

EPSS

0.96

Percentile

99.5%

JSON
Related for RHSA-2009:0397
fedora58nessus24debian2openvas51ubuntu1centos3oraclelinux2redhat1suse2osv1checkpoint_advisories4prion2nvd2seebug3securityvulns4ubuntucve2mozilla2cve2zdi1veracode2cvelist2exploitdb1gentoo1