Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 265165 (CVE-2009-1232)

Summary: <=www-client/mozilla-firefox-3.0.8 DOS (CVE-2009-1232)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED OBSOLETE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.milw0rm.com/exploits/8306
Whiteboard: A3 [upstream]
Package list:
Runtime testing required: ---

Description Stefan Behte (RETIRED) gentoo-dev Security 2009-04-06 22:15:33 UTC 
CVE-2009-1232 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1232):
  The XUL parser in Mozilla Firefox 3.0.8 and earlier 3.0.x versions
  allows remote attackers to cause a denial of service (memory
  corruption) via an XML document composed of a long series of
  start-tags with no corresponding end-tags.
Comment 1 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:22:58 UTC 
Nothing for mozilla team to do here, none of the affected versions are in-tree anymore.