Red Hat Bugzilla – Bug 488272
CVE-2009-0771 Firefox 3 Layout Engine Crashes
Last modified: 2010-04-08 14:04:48 EDT
Mozilla developers identified and fixed several stability bugs in the
browser engine used in Firefox and other Mozilla-based products. Some of
these crashes showed evidence of memory corruption under certain
circumstances and we presume that with enough effort at least some of these
could be exploited to run arbitrary code.
Martijn Wargers, Jesse Ruderman, and Josh Soref reported crashes in the
layout engine which affected Firefox 3 only. Firefox 2 releases were not
Public now via:
firefox-3.0.7-1.fc9, xulrunner-22.214.171.124-1.fc9, epiphany-2.22.2-8.fc9, epiphany-extensions-2.22.1-8.fc9, blam-1.8.5-6.fc9.1, chmsee-1.0.1-9.fc9, devhelp-0.19.1-9.fc9, galeon-2.0.7-7.fc9, gnome-python2-extras-2.19.1-24.fc9, gnome-web-photo-0.3-18.fc9, google-gadgets-0.10.5-3.fc9, gtkmozembedmm-1.4.2.cvs20060817-26.fc9, kazehakase-0.5.6-1.fc9.4, Miro-1.2.7-5.fc9, mozvoikko-0.9.5-7.fc9, mugshot-1.2.2-6.fc9, ruby-gnome2-0.17.0-6.fc9, totem-2.23.2-12.fc9, yelp-2.22.1-9.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
firefox-3.0.7-1.fc10, xulrunner-126.96.36.199-1.fc10, epiphany-2.24.3-3.fc10, epiphany-extensions-2.24.0-5.fc10, blam-1.8.5-7.fc10, devhelp-0.22-5.fc10, evolution-rss-0.1.2-5.fc10, galeon-2.0.7-7.fc10, gecko-sharp2-0.13-5.fc10, gnome-python2-extras-2.19.1-27.fc10, gnome-web-photo-0.3-15.fc10, google-gadgets-0.10.5-3.fc10, kazehakase-0.5.6-1.fc10.4, Miro-2.0-4.fc10, mozvoikko-0.9.5-7.fc10, mugshot-1.2.2-6.fc10, pcmanx-gtk2-0.3.8-6.fc10, ruby-gnome2-0.18.1-4.fc10, yelp-2.24.0-6.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.15-3.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.15-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
This issue does not affect Seamonkey in Red Hat Enterprise Linux 3 or 4.