Novell Home

CVE-2009-1392

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-1392 at MITRE

Details

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsEventStateManager::GetContentState and nsNativeTheme::CheckBooleanAttr; (2) UnhookTextRunFromFrames and ClearAllTextRunReferences; (3) nsTextFrame::ClearTextRun; (4) IsPercentageAware; (5) PL_DHashTableFinish; (6) nsListBoxBodyFrame::GetNextItemBox; (7) AtomTableClearEntry, related to the atom table, DOM mutation events, and Unicode surrogates; (8) nsHTMLEditor::HideResizers; and (9) nsWindow::SetCursor, related to changing the cursor; and other vectors.
Novell Bugzilla entry: 505563,515951

SUSE Security Advisories:

Product(s) Fixed package version(s) References
openSUSE 11.0
  • MozillaFirefox-debuginfo >= 3.0.11-0.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1
 SAT Patch Nr: 1000
openSUSE 11.0
  • MozillaFirefox >= 3.0.11-0.1
  • MozillaFirefox-translations >= 3.0.11-0.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-64bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs-64bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations-64bit >= 1.9.0.11-1.1
 SAT Patch Nr: 1000
openSUSE 11.1
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 SAT Patch Nr: 1000
openSUSE 11.1
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-branding-upstream >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
  • python-xpcom190 >= 1.9.0.11-1.1.1
 SAT Patch Nr: 1000
Novell Linux POS 9
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
  • mozilla >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-devel >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-dom-inspector >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-irc >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-mail >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-venkman >= 1.8_seamonkey_1.1.17-0.6
 core9. ia64
core9. ppc
core9. s390
core9. s390x
sles9-nld. x86-64
sles9-oes. x86
core9. x86
sles9-nlpos. x86
core9. x86-64
sles9-nld. x86
YOU Patch Nr: 12519
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • epiphany >= 1.2.10-0.9
  • epiphany-doc >= 1.2.10-0.9
  • epiphany-extensions >= 0.8.2-2.10
  • epiphany-extensions-devel >= 0.8.2-2.10
  • mozilla >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-devel >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-dom-inspector >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-irc >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-mail >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-venkman >= 1.8_seamonkey_1.1.17-0.6
 core9. ia64
core9. ppc
core9. s390
core9. s390x
sles9-nld. x86-64
sles9-oes. x86
core9. x86
sles9-nlpos. x86
core9. x86-64
sles9-nld. x86
YOU Patch Nr: 12519
openSUSE 10.3
openSUSE 11.0
  • seamonkey >= 1.1.18-0.1
  • seamonkey-dom-inspector >= 1.1.18-0.1
  • seamonkey-irc >= 1.1.18-0.1
  • seamonkey-mail >= 1.1.18-0.1
  • seamonkey-spellchecker >= 1.1.18-0.1
  • seamonkey-venkman >= 1.1.18-0.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.0
  • seamonkey-debuginfo >= 1.1.18-0.1
  • seamonkey-debugsource >= 1.1.18-0.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.1
  • seamonkey-debuginfo >= 1.1.18-0.1.1
  • seamonkey-debugsource >= 1.1.18-0.1.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.1
  • seamonkey >= 1.1.18-0.1.1
  • seamonkey-dom-inspector >= 1.1.18-0.1.1
  • seamonkey-irc >= 1.1.18-0.1.1
  • seamonkey-mail >= 1.1.18-0.1.1
  • seamonkey-spellchecker >= 1.1.18-0.1.1
  • seamonkey-venkman >= 1.1.18-0.1.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
SLE 11 DESKTOP Unsupported Extras
  • MozillaThunderbird >= 2.0.0.22-0.1.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1.1
 SAT Patch Nr: 1090
openSUSE 10.3
openSUSE 11.0
  • MozillaThunderbird >= 2.0.0.22-0.1
  • MozillaThunderbird-devel >= 2.0.0.22-0.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.0
  • MozillaThunderbird-debuginfo >= 2.0.0.22-0.1
  • MozillaThunderbird-debugsource >= 2.0.0.22-0.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.1
  • MozillaThunderbird-debuginfo >= 2.0.0.22-0.1.1
  • MozillaThunderbird-debugsource >= 2.0.0.22-0.1.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.1
  • MozillaThunderbird >= 2.0.0.22-0.1.1
  • MozillaThunderbird-devel >= 2.0.0.22-0.1.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-x86 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-x86 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-x86 >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLED 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLED 11
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-x86 >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.