Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 261386 (CVE-2009-0771) - <www-client/mozilla-firefox-3.0.7, <mail-client/mozilla-thunderbird-2.0.0.21, <www-client/seamonkey-1.1.15 Multiple vulnerabilites (CVE-2009-{0771,0772,0773,0774,0775,0776,0777})
Summary: <www-client/mozilla-firefox-3.0.7, <mail-client/mozilla-thunderbird-2.0.0.21,...
Status: RESOLVED FIXED
Alias: CVE-2009-0771
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL: http://www.mozilla.org/security/annou...
Whiteboard: A2 [glsa]
Keywords:
Depends on: 261585
Blocks:
  Show dependency tree
 
Reported: 2009-03-05 23:12 UTC by Stefan Behte (RETIRED)
Modified: 2013-01-08 01:03 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-03-05 23:12:25 UTC
CVE-2009-0771 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0771):
  The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before
  2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a
  denial of service (crash) and possibly execute arbitrary code via
  certain vectors that trigger memory corruption and assertion failures.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-03-05 23:20:59 UTC
CVE-2009-0772 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0772):
  The layout engine in Mozilla Firefox 2 and 3 before 3.0.7,
  Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote
  attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via vectors related to nsCSSStyleSheet::GetOwnerNode,
  events, and garbage collection, which triggers memory corruption.

CVE-2009-0773 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0773):
  The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird
  before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to
  cause a denial of service (crash) and possibly execute arbitrary code
  via (1) a splice of an array that contains "some non-set elements,"
  which causes jsarray.cpp to pass an incorrect argument to the
  ResizeSlots function, which triggers memory corruption; (2) vectors
  related to js_DecompileValueGenerator, jsopcode.cpp,
  __defineSetter__, and watch, which triggers an assertion failure or a
  segmentation fault; and (3) vectors related to gczeal,
  __defineSetter__, and watch, which triggers a hang.

CVE-2009-0774 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0774):
  The layout engine in Mozilla Firefox 2 and 3 before 3.0.7,
  Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote
  attackers to cause a denial of service (crash) and possibly execute
  arbitrary code via vectors related to gczeal, a different
  vulnerability than CVE-2009-0773.

CVE-2009-0775 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0775):
  Double free vulnerability in Mozilla Firefox before 3.0.7,
  Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows
  remote attackers to execute arbitrary code via "cloned XUL DOM
  elements which were linked as a parent and child," which are not
  properly handled during garbage collection.

CVE-2009-0776 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0776):
  nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before
  2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to
  bypass the same-origin policy and read XML data from another domain
  via a cross-domain redirect.

CVE-2009-0777 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0777):
  Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and
  SeaMonkey before 1.1.15 decodes invisible characters when they are
  displayed in the location bar, which causes an incorrect address to
  be displayed and makes it easier for remote attackers to spoof URLs
  and conduct phishing attacks.

Comment 2 Stefan Behte (RETIRED) gentoo-dev Security 2009-03-05 23:23:22 UTC
mozilla: there are still some bugs open (for older versions only, as far as I've seen), is it ok to stable yet?
Comment 3 Raúl Porcel (RETIRED) gentoo-dev 2009-03-06 10:58:22 UTC
(In reply to comment #2)
> mozilla: there are still some bugs open (for older versions only, as far as
> I've seen), is it ok to stable yet?
> 

Yes. I don't know when seamonkey-1.1.15 is going to be out and thunderbird is scheduled for march 17-18. So feel free to go ahead
Comment 4 Stefan Behte (RETIRED) gentoo-dev Security 2009-03-07 17:20:51 UTC
Stabling of Firefox is done in #261585.
Let's see when the thunderbird and seamonkey updates are available.
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2009-03-19 16:37:39 UTC
=www-client/seamonkey-1.1.15
Arches: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
=www-client/seamonkey-bin-1.1.15
Arches: amd64 x86

=mail-client/mozilla-thunderbird-2.0.0.21
Arches: alpha amd64 ia64 ppc ppc64 sparc x86
=x11-plugins/enigmail-0.95.7-r4
Arches: alpha amd64 ia64 ppc ppc64 sparc x86
=mail-client/mozilla-thunderbird-bin-2.0.0.21
Arches: amd64 x86
Comment 6 Stefan Behte (RETIRED) gentoo-dev Security 2009-03-19 18:54:39 UTC
Arches, please test and mark stable.
Comment 7 Brent Baude (RETIRED) gentoo-dev 2009-03-20 15:06:58 UTC
ppc and ppc64 done
Comment 8 Tobias Heinlein (RETIRED) gentoo-dev 2009-03-20 22:49:15 UTC
amd64 stable
Comment 9 Markus Meier gentoo-dev 2009-03-21 00:20:06 UTC
x86 stable
Comment 10 Raúl Porcel (RETIRED) gentoo-dev 2009-03-22 17:15:11 UTC
alpha/arm/ia64/sparc stable
Comment 11 Jeroen Roovers gentoo-dev 2009-03-23 15:20:45 UTC
Stable for HPPA.
Comment 12 Tobias Heinlein (RETIRED) gentoo-dev 2009-04-04 15:05:35 UTC
Alright, already handled in glsamaker.
Comment 13 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:21:27 UTC
Nothing for mozilla team to do here, none of the affected versions are in-tree anymore.
Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:03:07 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).