Novell Home

CVE-2009-1838

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

CVE-2009-1838 at MITRE

Details

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.
Novell Bugzilla entry: 505563,515951

SUSE Security Advisories:

Product(s) Fixed package version(s) References
openSUSE 11.0
  • MozillaFirefox-debuginfo >= 3.0.11-0.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1
 SAT Patch Nr: 1000
openSUSE 11.0
  • MozillaFirefox >= 3.0.11-0.1
  • MozillaFirefox-translations >= 3.0.11-0.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-64bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-gnomevfs-64bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1
  • mozilla-xulrunner190-translations-64bit >= 1.9.0.11-1.1
 SAT Patch Nr: 1000
openSUSE 11.1
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 SAT Patch Nr: 1000
openSUSE 11.1
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-branding-upstream >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
  • python-xpcom190 >= 1.9.0.11-1.1.1
 SAT Patch Nr: 1000
Novell Linux POS 9
Open Enterprise Server
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for x86
  • mozilla >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-devel >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-dom-inspector >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-irc >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-mail >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-venkman >= 1.8_seamonkey_1.1.17-0.6
 core9. ia64
core9. ppc
core9. s390
core9. s390x
sles9-nld. x86-64
sles9-oes. x86
core9. x86
sles9-nlpos. x86
core9. x86-64
sles9-nld. x86
YOU Patch Nr: 12519
Novell Linux Desktop 9 for x86
Novell Linux Desktop 9 for x86_64
  • epiphany >= 1.2.10-0.9
  • epiphany-doc >= 1.2.10-0.9
  • epiphany-extensions >= 0.8.2-2.10
  • epiphany-extensions-devel >= 0.8.2-2.10
  • mozilla >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-devel >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-dom-inspector >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-irc >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-mail >= 1.8_seamonkey_1.1.17-0.6
  • mozilla-venkman >= 1.8_seamonkey_1.1.17-0.6
 core9. ia64
core9. ppc
core9. s390
core9. s390x
sles9-nld. x86-64
sles9-oes. x86
core9. x86
sles9-nlpos. x86
core9. x86-64
sles9-nld. x86
YOU Patch Nr: 12519
openSUSE 10.3
openSUSE 11.0
  • seamonkey >= 1.1.18-0.1
  • seamonkey-dom-inspector >= 1.1.18-0.1
  • seamonkey-irc >= 1.1.18-0.1
  • seamonkey-mail >= 1.1.18-0.1
  • seamonkey-spellchecker >= 1.1.18-0.1
  • seamonkey-venkman >= 1.1.18-0.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.0
  • seamonkey-debuginfo >= 1.1.18-0.1
  • seamonkey-debugsource >= 1.1.18-0.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.1
  • seamonkey-debuginfo >= 1.1.18-0.1.1
  • seamonkey-debugsource >= 1.1.18-0.1.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
openSUSE 11.1
  • seamonkey >= 1.1.18-0.1.1
  • seamonkey-dom-inspector >= 1.1.18-0.1.1
  • seamonkey-irc >= 1.1.18-0.1.1
  • seamonkey-mail >= 1.1.18-0.1.1
  • seamonkey-spellchecker >= 1.1.18-0.1.1
  • seamonkey-venkman >= 1.1.18-0.1.1
 ZYPP Patch Nr: 6538
SAT Patch Nr: 1364
SLE 11 DESKTOP Unsupported Extras
  • MozillaThunderbird >= 2.0.0.22-0.1.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1.1
 SAT Patch Nr: 1090
openSUSE 10.3
openSUSE 11.0
  • MozillaThunderbird >= 2.0.0.22-0.1
  • MozillaThunderbird-devel >= 2.0.0.22-0.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.0
  • MozillaThunderbird-debuginfo >= 2.0.0.22-0.1
  • MozillaThunderbird-debugsource >= 2.0.0.22-0.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.1
  • MozillaThunderbird-debuginfo >= 2.0.0.22-0.1.1
  • MozillaThunderbird-debugsource >= 2.0.0.22-0.1.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
openSUSE 11.1
  • MozillaThunderbird >= 2.0.0.22-0.1.1
  • MozillaThunderbird-devel >= 2.0.0.22-0.1.1
  • MozillaThunderbird-translations >= 2.0.0.22-0.1.1
 ZYPP Patch Nr: 6347
SAT Patch Nr: 1091
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-x86 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11 DEBUGINFO
  • MozillaFirefox-debuginfo >= 3.0.11-0.1.1
  • MozillaFirefox-debugsource >= 3.0.11-0.1.1
  • mozilla-xulrunner190-debuginfo >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debuginfo-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-debugsource >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-x86 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-x86 >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLE 11
  • mozilla-xulrunner190-devel >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLED 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations-32bit >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLED 11
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-x86 >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001
SLES 11
  • MozillaFirefox >= 3.0.11-0.1.1
  • MozillaFirefox-translations >= 3.0.11-0.1.1
  • mozilla-xulrunner190 >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-32bit >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-gnomevfs >= 1.9.0.11-1.1.1
  • mozilla-xulrunner190-translations >= 1.9.0.11-1.1.1
 sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. s390x
sle11-debuginfo. x86-64
sle11-debuginfo. x86
sle11-debuginfo. ppc
sle11-debuginfo. x86
sle11-debuginfo. x86-64
sle11-debuginfo. ia64
sle11-debuginfo. ia64
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ppc
sle11-debuginfo. s390x
sle11-debuginfo. ia64
sle11-debuginfo. x86-64
sle11-debuginfo. x86
SAT Patch Nr: 1001

Novell® Making IT Work As One

© 2009 Novell, Inc. All Rights Reserved.