Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 261390 (CVE-2009-0821) - www-client/mozilla-firefox window.print DoS (CVE-2009-0821)
Summary: www-client/mozilla-firefox window.print DoS (CVE-2009-0821)
Status: RESOLVED INVALID
Alias: CVE-2009-0821
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: http://www.securityfocus.com/bid/33969
Whiteboard: B4 [ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-03-05 23:18 UTC by Stefan Behte (RETIRED)
Modified: 2011-12-13 19:40 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-03-05 23:18:42 UTC 
CVE-2009-0821 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0821):
  Mozilla Firefox 2.0.0.20 and earlier allows remote attackers to cause
  a denial of service (application crash) via nested calls to the
  window.print function, as demonstrated by a
  window.print(window.print()) in the onclick attribute of an INPUT
  element.
Comment 1 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:21:54 UTC 
Nothing for mozilla team to do here, none of the affected versions are in-tree anymore.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-12-13 19:40:07 UTC 
There is no indication of a fixed version.
This issue is merely a Denial of Service condition that is triggered by user interaction, thus not a security issue.