Hide Forgot
Mozilla security researcher moz_bug_r_a4 reported that the owner document of an element can become null after garbage collection. In such cases, event listeners may be executed within the wrong JavaScript context. An attacker could potentially use this vulnerability to have a malicious event handler execute arbitrary JavaScript with chrome privileges.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 Via RHSA-2009:1095 https://rhn.redhat.com/errata/RHSA-2009-1095.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2009:1096 https://rhn.redhat.com/errata/RHSA-2009-1096.html
firefox-3.0.11-1.fc10, xulrunner-1.9.0.11-1.fc10, epiphany-2.24.3-7.fc10, epiphany-extensions-2.24.3-2.fc10, blam-1.8.5-11.fc10, devhelp-0.22-9.fc10, galeon-2.0.7-11.fc10, gecko-sharp2-0.13-9.fc10, gnome-python2-extras-2.19.1-31.fc10, gnome-web-photo-0.3-19.fc10, google-gadgets-0.10.5-7.fc10, kazehakase-0.5.6-4.fc10.3, Miro-2.0.3-5.fc10, mozvoikko-0.9.5-11.fc10, mugshot-1.2.2-10.fc10, pcmanx-gtk2-0.3.8-10.fc10, perl-Gtk2-MozEmbed-0.08-6.fc10.2, ruby-gnome2-0.18.1-5.fc10.3, yelp-2.24.0-10.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
firefox-3.0.11-1.fc9, xulrunner-1.9.0.11-1.fc9, epiphany-2.22.2-12.fc9, epiphany-extensions-2.22.1-12.fc9, blam-1.8.5-10.fc9.1, chmsee-1.0.1-13.fc9, devhelp-0.19.1-13.fc9, evolution-rss-0.1.0-12.fc9, galeon-2.0.7-11.fc9, gnome-python2-extras-2.19.1-28.fc9, gnome-web-photo-0.3-22.fc9, google-gadgets-0.10.5-7.fc9, gtkmozembedmm-1.4.2.cvs20060817-30.fc9, kazehakase-0.5.6-4.fc9.3, Miro-2.0.3-5.fc9, mozvoikko-0.9.5-11.fc9, mugshot-1.2.2-10.fc9, ruby-gnome2-0.17.0-10.fc9, totem-2.23.2-17.fc9, yelp-2.22.1-13.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1126 https://rhn.redhat.com/errata/RHSA-2009-1126.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2009:1125 https://rhn.redhat.com/errata/RHSA-2009-1125.html
seamonkey-1.1.17-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
seamonkey-1.1.17-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.