Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 261390 (CVE-2009-0821)

Summary: www-client/mozilla-firefox window.print DoS (CVE-2009-0821)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: minor    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.securityfocus.com/bid/33969
Whiteboard: B4 [ebuild]
Package list:
Runtime testing required: ---

Description Stefan Behte (RETIRED) gentoo-dev Security 2009-03-05 23:18:42 UTC 
CVE-2009-0821 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0821):
  Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause
  a denial of service (application crash) via nested calls to the
  window.print function, as demonstrated by a
  window.print(window.print()) in the onclick attribute of an INPUT
  element.
Comment 1 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:21:54 UTC 
Nothing for mozilla team to do here, none of the affected versions are in-tree anymore.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-12-13 19:40:07 UTC 
There is no indication of a fixed version.
This issue is merely a Denial of Service condition that is triggered by user interaction, thus not a security issue.