Bug 530162 - (CVE-2009-1563) CVE-2009-0689 (rejected CVE-2009-1563) Firefox heap buffer overflow in string to number conversion
CVE-2009-0689 (rejected CVE-2009-1563) Firefox heap buffer overflow in string...
Status: CLOSED DUPLICATE of bug 539784
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
http://web.nvd.nist.gov/view/vuln/det...
impact=critical,source=mozilla,report...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-10-21 14:19 EDT by Josh Bressers
Modified: 2016-03-04 07:40 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-12-20 13:25:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2009-10-21 14:19:55 EDT
Security researcher Alin Rad Pop of Secunia Research reported a heap-based
buffer overflow in Mozilla's string to floating point number conversion
routines. Using this vulnerability an attacker could craft some malicious
JavaScript code containing a very long string to be converted to a floating
point number which would result in improper memory allocation and the
execution of an arbitrary memory location. This vulnerability could thus be
leveraged by the attacker to run arbitrary code on a victim's computer.
Comment 1 errata-xmlrpc 2009-10-27 18:59:11 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2009:1530 https://rhn.redhat.com/errata/RHSA-2009-1530.html
Comment 2 errata-xmlrpc 2009-10-27 19:57:42 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3
  Red Hat Enterprise Linux 4

Via RHSA-2009:1531 https://rhn.redhat.com/errata/RHSA-2009-1531.html
Comment 3 Fedora Update System 2009-10-28 22:57:42 EDT
blam-1.8.5-15.fc11, chmsee-1.0.1-12.fc11, epiphany-2.26.3-5.fc11, epiphany-extensions-2.26.1-7.fc11, evolution-rss-0.1.4-5.fc11, firefox-3.5.4-1.fc11, galeon-2.0.7-17.fc11, gnome-python2-extras-2.25.3-8.fc11, gnome-web-photo-0.7-7.fc11, google-gadgets-0.11.1-2.fc11, hulahop-0.4.9-9.fc11, kazehakase-0.5.8-2.fc11.1, Miro-2.5.2-5.fc11, monodevelop-2.0-6.fc11, mozvoikko-0.9.7-0.8.rc1.fc11, pcmanx-gtk2-0.3.8-9.fc11, ruby-gnome2-0.19.3-3.fc11, seahorse-plugins-2.26.2-7.fc11, xulrunner-1.9.1.4-1.fc11, yelp-2.26.0-8.fc11, eclipse-3.4.2-17.fc11, perl-Gtk2-MozEmbed-0.08-6.fc11.6 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 4 Fedora Update System 2009-11-04 07:29:32 EST
blam-1.8.5-15.fc10, epiphany-2.24.3-11.fc10, epiphany-extensions-2.24.3-6.fc10, evolution-rss-0.1.4-5.fc10, firefox-3.0.15-1.fc10, galeon-2.0.7-15.fc10, gecko-sharp2-0.13-13.fc10, gnome-python2-extras-2.19.1-35.fc10, gnome-web-photo-0.3-23.fc10, google-gadgets-0.10.5-11.fc10, kazehakase-0.5.6-4.fc10.7, Miro-2.0.5-5.fc10, mozvoikko-0.9.5-15.fc10, mugshot-1.2.2-14.fc10, pcmanx-gtk2-0.3.8-14.fc10, perl-Gtk2-MozEmbed-0.08-6.fc10.6, ruby-gnome2-0.19.3-3.fc10, xulrunner-1.9.0.15-1.fc10, yelp-2.24.0-14.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Mark J. Cox (Product Security) 2009-12-03 09:11:45 EST
Note that Mitre will reject CVE-2009-1563 and mark it a duplicate of CVE-2009-0689.
Comment 9 Jan Lieskovsky 2010-03-17 07:49:14 EDT
CVE-2009-1563 has been rejected:
  [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563

Notes: All CVE users should reference CVE-2009-0689 instead of this candidate.
Comment 10 errata-xmlrpc 2010-03-17 08:38:59 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2010:0153 https://rhn.redhat.com/errata/RHSA-2010-0153.html
Comment 11 errata-xmlrpc 2010-03-17 09:25:23 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2010:0154 https://rhn.redhat.com/errata/RHSA-2010-0154.html
Comment 12 Vincent Danen 2010-12-20 13:24:46 EST
Statement:

This CVE entry is a duplicate of CVE-2009-0689 and has been rejected; please refer to that CVE entry for additional product fixes and information.
Comment 13 Vincent Danen 2010-12-20 13:25:35 EST

*** This bug has been marked as a duplicate of bug 539784 ***

Note You need to log in before you can comment on or make changes to this bug.