Bug 530162 (CVE-2009-1563) - CVE-2009-0689 (rejected CVE-2009-1563) Firefox heap buffer overflow in string to number conversion
Summary: CVE-2009-0689 (rejected CVE-2009-1563) Firefox heap buffer overflow in string...
Status: CLOSED DUPLICATE of bug 539784
Alias: CVE-2009-1563
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://web.nvd.nist.gov/view/vuln/det...
Whiteboard: impact=critical,source=mozilla,report...
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-10-21 18:19 UTC by Josh Bressers
Modified: 2019-06-08 12:51 UTC (History)
5 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2010-12-20 18:25:35 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2009:1530 normal SHIPPED_LIVE Critical: firefox security update 2009-10-27 22:59:02 UTC
Red Hat Product Errata RHSA-2009:1531 normal SHIPPED_LIVE Critical: seamonkey security update 2009-10-27 23:57:36 UTC
Red Hat Product Errata RHSA-2010:0153 normal SHIPPED_LIVE Moderate: thunderbird security update 2010-03-17 12:38:49 UTC
Red Hat Product Errata RHSA-2010:0154 normal SHIPPED_LIVE Moderate: thunderbird security update 2010-03-17 13:22:56 UTC

Description Josh Bressers 2009-10-21 18:19:55 UTC
Security researcher Alin Rad Pop of Secunia Research reported a heap-based
buffer overflow in Mozilla's string to floating point number conversion
routines. Using this vulnerability an attacker could craft some malicious
JavaScript code containing a very long string to be converted to a floating
point number which would result in improper memory allocation and the
execution of an arbitrary memory location. This vulnerability could thus be
leveraged by the attacker to run arbitrary code on a victim's computer.

Comment 1 errata-xmlrpc 2009-10-27 22:59:11 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2009:1530 https://rhn.redhat.com/errata/RHSA-2009-1530.html

Comment 2 errata-xmlrpc 2009-10-27 23:57:42 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 3
  Red Hat Enterprise Linux 4

Via RHSA-2009:1531 https://rhn.redhat.com/errata/RHSA-2009-1531.html

Comment 3 Fedora Update System 2009-10-29 02:57:42 UTC
blam-1.8.5-15.fc11, chmsee-1.0.1-12.fc11, epiphany-2.26.3-5.fc11, epiphany-extensions-2.26.1-7.fc11, evolution-rss-0.1.4-5.fc11, firefox-3.5.4-1.fc11, galeon-2.0.7-17.fc11, gnome-python2-extras-2.25.3-8.fc11, gnome-web-photo-0.7-7.fc11, google-gadgets-0.11.1-2.fc11, hulahop-0.4.9-9.fc11, kazehakase-0.5.8-2.fc11.1, Miro-2.5.2-5.fc11, monodevelop-2.0-6.fc11, mozvoikko-0.9.7-0.8.rc1.fc11, pcmanx-gtk2-0.3.8-9.fc11, ruby-gnome2-0.19.3-3.fc11, seahorse-plugins-2.26.2-7.fc11, xulrunner-1.9.1.4-1.fc11, yelp-2.26.0-8.fc11, eclipse-3.4.2-17.fc11, perl-Gtk2-MozEmbed-0.08-6.fc11.6 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 4 Fedora Update System 2009-11-04 12:29:32 UTC
blam-1.8.5-15.fc10, epiphany-2.24.3-11.fc10, epiphany-extensions-2.24.3-6.fc10, evolution-rss-0.1.4-5.fc10, firefox-3.0.15-1.fc10, galeon-2.0.7-15.fc10, gecko-sharp2-0.13-13.fc10, gnome-python2-extras-2.19.1-35.fc10, gnome-web-photo-0.3-23.fc10, google-gadgets-0.10.5-11.fc10, kazehakase-0.5.6-4.fc10.7, Miro-2.0.5-5.fc10, mozvoikko-0.9.5-15.fc10, mugshot-1.2.2-14.fc10, pcmanx-gtk2-0.3.8-14.fc10, perl-Gtk2-MozEmbed-0.08-6.fc10.6, ruby-gnome2-0.19.3-3.fc10, xulrunner-1.9.0.15-1.fc10, yelp-2.24.0-14.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 8 Mark J. Cox 2009-12-03 14:11:45 UTC
Note that Mitre will reject CVE-2009-1563 and mark it a duplicate of CVE-2009-0689.

Comment 9 Jan Lieskovsky 2010-03-17 11:49:14 UTC
CVE-2009-1563 has been rejected:
  [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563

Notes: All CVE users should reference CVE-2009-0689 instead of this candidate.

Comment 10 errata-xmlrpc 2010-03-17 12:38:59 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2010:0153 https://rhn.redhat.com/errata/RHSA-2010-0153.html

Comment 11 errata-xmlrpc 2010-03-17 13:25:23 UTC
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2010:0154 https://rhn.redhat.com/errata/RHSA-2010-0154.html

Comment 12 Vincent Danen 2010-12-20 18:24:46 UTC
Statement:

This CVE entry is a duplicate of CVE-2009-0689 and has been rejected; please refer to that CVE entry for additional product fixes and information.

Comment 13 Vincent Danen 2010-12-20 18:25:35 UTC

*** This bug has been marked as a duplicate of bug 539784 ***


Note You need to log in before you can comment on or make changes to this bug.