The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 3.0.9 (including) | 3.0.9 (including) |
Red Hat Enterprise Linux 4 | RedHat | firefox-0:3.0.10-1.el4 | * |
Red Hat Enterprise Linux 5 | RedHat | firefox-0:3.0.10-1.el5 | * |
Red Hat Enterprise Linux 5 | RedHat | xulrunner-0:1.9.0.10-1.el5 | * |
Firefox-3.0 | Ubuntu | devel | * |
Firefox-3.0 | Ubuntu | hardy | * |
Firefox-3.0 | Ubuntu | intrepid | * |
Firefox-3.0 | Ubuntu | jaunty | * |
Firefox-3.0 | Ubuntu | upstream | * |