Novell Home

CVE-2009-0773

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-0773 at MITRE

Details

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pass an incorrect argument to the ResizeSlots function, which triggers memory corruption; (2) vectors related to js_DecompileValueGenerator, jsopcode.cpp, __defineSetter__, and watch, which triggers an assertion failure or a segmentation fault; and (3) vectors related to gczeal, __defineSetter__, and watch, which triggers a hang.
Novell Bugzilla entry: 478625

SUSE Security Advisories:

Product(s) Fixed package version(s) References
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.7-1.1.4
  • MozillaFirefox-debugsource >= 3.0.7-1.1.4
  • mozilla-xulrunner190-debuginfo >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-debugsource >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.7-1.1.4
  • MozillaFirefox-debugsource >= 3.0.7-1.1.4
  • mozilla-xulrunner190-debuginfo >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-debuginfo-x86 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-debugsource >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.7-1.1.4
  • MozillaFirefox-debugsource >= 3.0.7-1.1.4
  • mozilla-xulrunner190-debuginfo >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-debuginfo-32bit >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-debugsource >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs-x86 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations-x86 >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLED 11
  • MozillaFirefox >= 3.0.7-1.1.4
  • MozillaFirefox-translations >= 3.0.7-1.1.4
  • mozilla-xulrunner190 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-32bit >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLED 11
SLES 11
  • MozillaFirefox >= 3.0.7-1.1.4
  • MozillaFirefox-translations >= 3.0.7-1.1.4
  • mozilla-xulrunner190 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLES 11
  • MozillaFirefox >= 3.0.7-1.1.4
  • MozillaFirefox-translations >= 3.0.7-1.1.4
  • mozilla-xulrunner190 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-x86 >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
SLES 11
  • MozillaFirefox >= 3.0.7-1.1.4
  • MozillaFirefox-translations >= 3.0.7-1.1.4
  • mozilla-xulrunner190 >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-32bit >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.1.4
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.1.4
 sle11-debuginfo. ia64
sles10-sp2-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sles10-sp2-debuginfo. s390x
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. s390x
sles10-sp2-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86
SAT Patch Nr: 656
openSUSE 11.0
  • MozillaFirefox-debuginfo >= 3.0.7-1.1
  • MozillaFirefox-debugsource >= 3.0.7-1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.7-1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.7-1.1
 SAT Patch Nr: 591
openSUSE 11.0
  • MozillaFirefox >= 3.0.7-1.1
  • MozillaFirefox-translations >= 3.0.7-1.1
  • mozilla-xulrunner190 >= 1.9.0.7-1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.7-1.1
  • mozilla-xulrunner190-64bit >= 1.9.0.7-1.1
  • mozilla-xulrunner190-devel >= 1.9.0.7-1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.7-1.1
  • mozilla-xulrunner190-gnomevfs-64bit >= 1.9.0.7-1.1
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.7-1.1
  • mozilla-xulrunner190-translations-64bit >= 1.9.0.7-1.1
 SAT Patch Nr: 591
openSUSE 11.1
  • MozillaFirefox-debuginfo >= 3.0.7-1.1.6
  • MozillaFirefox-debugsource >= 3.0.7-1.1.6
  • mozilla-xulrunner190-debuginfo >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-debugsource >= 1.9.0.7-1.2.2
 SAT Patch Nr: 591
openSUSE 11.1
  • MozillaFirefox >= 3.0.7-1.1.6
  • MozillaFirefox-branding-upstream >= 3.0.7-1.1.6
  • MozillaFirefox-translations >= 3.0.7-1.1.6
  • mozilla-xulrunner190 >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-32bit >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-devel >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-translations >= 1.9.0.7-1.2.2
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.7-1.2.2
  • python-xpcom190 >= 1.9.0.7-1.2.2
 SAT Patch Nr: 591
openSUSE 10.3
openSUSE 11.0
  • seamonkey >= 1.1.16-1.1
  • seamonkey-dom-inspector >= 1.1.16-1.1
  • seamonkey-irc >= 1.1.16-1.1
  • seamonkey-mail >= 1.1.16-1.1
  • seamonkey-spellchecker >= 1.1.16-1.1
  • seamonkey-venkman >= 1.1.16-1.1
 ZYPP Patch Nr: 6310
SAT Patch Nr: 1014
openSUSE 11.0
  • seamonkey-debuginfo >= 1.1.16-1.1
  • seamonkey-debugsource >= 1.1.16-1.1
 ZYPP Patch Nr: 6310
SAT Patch Nr: 1014
openSUSE 11.1
  • seamonkey-debuginfo >= 1.1.16-1.1.2
  • seamonkey-debugsource >= 1.1.16-1.1.2
 ZYPP Patch Nr: 6310
SAT Patch Nr: 1014
openSUSE 11.1
  • seamonkey >= 1.1.16-1.1.2
  • seamonkey-dom-inspector >= 1.1.16-1.1.2
  • seamonkey-irc >= 1.1.16-1.1.2
  • seamonkey-mail >= 1.1.16-1.1.2
  • seamonkey-spellchecker >= 1.1.16-1.1.2
  • seamonkey-venkman >= 1.1.16-1.1.2
 ZYPP Patch Nr: 6310
SAT Patch Nr: 1014

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.