Bug 492211 (CVE-2009-1169)
Summary: | CVE-2009-1169 Firefox XSLT memory corruption issue | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Mark J. Cox <mjc> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED ERRATA | QA Contact: | |||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | unspecified | CC: | bressers, kreilly, security-response-team, vdanen | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2015-08-22 16:31:55 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | 492213, 492214, 492215, 492216, 492217, 492236, 492237 | ||||||||
Bug Blocks: | |||||||||
Attachments: |
|
Comment 4
Vincent Danen
2009-03-26 03:55:13 UTC
Created attachment 336748 [details]
PoC posted on milw0rm
Created attachment 336749 [details] crashtest posted on bugzilla.mozilla.org The upstream bug is this: https://bugzilla.mozilla.org/show_bug.cgi?id=485217 Mitre CVE description: CVE-2009-1169: The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox 3.0.7 and earlier allows remote attackers to cause a denial of service (crash) via an XML file with a crafted XSLT transform. This is now public: http://www.mozilla.org/security/announce/2009/mfsa2009-12.html This issue has been addressed in following products: Red Hat Enterprise Linux 2.1 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2009:0398 https://rhn.redhat.com/errata/RHSA-2009-0398.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2009:0397 https://rhn.redhat.com/errata/RHSA-2009-0397.html seamonkey-1.1.15-3.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. seamonkey-1.1.15-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report. seamonkey-1.1.15-3.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report. |