[Bug 236762] [NEW] [CVE-2008-2419] Firefox JSframe heap corruption vulnerability
Alexander Sack
asac at jwsdot.com
Tue Jun 3 00:09:20 UTC 2008
On Mon, Jun 02, 2008 at 12:13:50PM -0000, Alexander Konovalenko wrote:
> *** This bug is a security vulnerability ***
>
> Public security bug reported:
>
> Binary package hint: firefox
>
> CVE-2008-2419 description:
>
> "Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of
> service (heap corruption and application crash) or possibly execute
> arbitrary code by triggering an error condition during certain Iframe
> operations between a JSframe write and a JSframe close, as demonstrated
> by an error in loading an empty Java applet defined by a
> 'src="javascript:"' sequence."
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2419
>
> Are Firefox 3.0 beta 5 and rc1 also affected by this?
>
> ** Affects: firefox (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Affects: firefox-3.0 (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Visibility changed to: Public
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2008-2419
>
Those should be fixed on trunk, yes.
affects ubuntu/firefox-3.0
status fixreleased
affects ubuntu/firefox
status fixreleased
- Alexander
** Changed in: firefox-3.0 (Ubuntu)
Status: New => Fix Released
** Changed in: firefox (Ubuntu)
Status: New => Fix Released
--
[CVE-2008-2419] Firefox JSframe heap corruption vulnerability
https://bugs.launchpad.net/bugs/236762
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in ubuntu.
More information about the Ubuntu-mozillateam-bugs
mailing list