Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2009-1304 Back to search

USN-764-1: Firefox and Xulrunner vulnerabilities Vulnerability

  • Severity: 7
  • Published: April 22, 2009

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file...

SUSE Linux Security Vulnerability: CVE-2009-1304 Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

MFSA2009-14 Thunderbird: Crashes with evidence of memory corruption (rv:1.9.0.9) (CVE-2009-1304) Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

MFSA2009-14 SeaMonkey: Crashes with evidence of memory corruption (rv:1.9.0.9) (CVE-2009-1304) Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

MFSA2009-14 Firefox: Crashes with evidence of memory corruption (rv:1.9.0.9) (CVE-2009-1304) Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

RHSA-2009:0436: firefox security update Vulnerability

  • Severity: 7
  • Published: April 22, 2009

Mozilla Firefox is an open source Web browser. XULRunner provides the XULRuntime environment for Mozilla Firefox.Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Firefox to crash or,potentially, execute arbitrary code as the user running Firefox.(CVE-2009-1302, CVE-20...

Gentoo Linux: CVE-2009-1304: Mozilla Products: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 7
  • Published: April 22, 2009

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file...

Cent OS: CVE-2009-1304: CESA-2009:0436 (No RH alert RHSA-2009:0436-01) Vulnerability

  • Severity: 5
  • Published: April 22, 2009

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckR...

SUSE Linux Security Advisory: SUSE-SR:2009:010 Vulnerability

  • Severity: 10
  • Published: April 16, 2009

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.