CVE-2009-1392

Published: Jun 12, 2009Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsEventStateManager::GetContentState and nsNativeTheme::CheckBooleanAttr; (2) UnhookTextRunFromFrames and ClearAllTextRunReferences; (3) nsTextFrame::ClearTextRun; (4) IsPercentageAware; (5) PL_DHashTableFinish; (6) nsListBoxBodyFrame::GetNextItemBox; (7) AtomTableClearEntry, related to the atom table, DOM mutation events, and Unicode surrogates; (8) nsHTMLEditor::HideResizers; and (9) nsWindow::SetCursor, related to changing the cursor; and other vectors.

Affected (112)

Products: Mozilla: Firefox, Seamonkey, Thunderbird

3 products

Configuration A

112 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Version 3.0.10
Mozilla Firefox	Version 3.0.1
Mozilla Firefox	Version 3.0.2
Mozilla Firefox	Version 3.0.3
Mozilla Firefox	Version 3.0.4
Mozilla Firefox	Version 3.0.5
Mozilla Firefox	Version 3.0.6
Mozilla Firefox	Version 3.0.7
Mozilla Firefox	Version 3.0.8
Mozilla Firefox	Version 3.0.9
Mozilla Firefox	Version 3.0
Mozilla Firefox	Version 3.0 alpha
Mozilla Firefox	Version 3.0 beta2
Mozilla Seamonkey	Up to 1.1.16
Mozilla Seamonkey	Version 1.0.1
Mozilla Seamonkey	Version 1.0.3
Mozilla Seamonkey	Version 1.0.4
Mozilla Seamonkey	Version 1.0.6
Mozilla Seamonkey	Version 1.0.8
Mozilla Seamonkey	Version 1.0.99
Mozilla Seamonkey	Version 1.0.9
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0
Mozilla Seamonkey	Version 1.0 alpha
Mozilla Seamonkey	Version 1.0 beta
Mozilla Seamonkey	Version 1.1.10
Mozilla Seamonkey	Version 1.1.11
Mozilla Seamonkey	Version 1.1.12
Mozilla Seamonkey	Version 1.1.13
Mozilla Seamonkey	Version 1.1.15
Mozilla Seamonkey	Version 1.1.1
Mozilla Seamonkey	Version 1.1.3
Mozilla Seamonkey	Version 1.1.5
Mozilla Seamonkey	Version 1.1.5 1.1.10
Mozilla Seamonkey	Version 1.1.6
Mozilla Seamonkey	Version 1.1.7
Mozilla Seamonkey	Version 1.1.8
Mozilla Seamonkey	Version 1.1.9
Mozilla Seamonkey	Version 1.1
Mozilla Seamonkey	Version 1.1 alpha
Mozilla Seamonkey	Version 1.1 beta
Mozilla Thunderbird	Up to 2.0.0.19
Mozilla Thunderbird	Version 0.1
Mozilla Thunderbird	Version 0.2
Mozilla Thunderbird	Version 0.3
Mozilla Thunderbird	Version 0.4
Mozilla Thunderbird	Version 0.5
Mozilla Thunderbird	Version 0.6
Mozilla Thunderbird	Version 0.7.1
Mozilla Thunderbird	Version 0.7.2
Mozilla Thunderbird	Version 0.7.3
Mozilla Thunderbird	Version 0.7
Mozilla Thunderbird	Version 0.8
Mozilla Thunderbird	Version 0.9
Mozilla Thunderbird	Version 1.0.1
Mozilla Thunderbird	Version 1.0.2
Mozilla Thunderbird	Version 1.0.3
Mozilla Thunderbird	Version 1.0.4
Mozilla Thunderbird	Version 1.0.5
Mozilla Thunderbird	Version 1.0.5 beta
Mozilla Thunderbird	Version 1.0.6
Mozilla Thunderbird	Version 1.0.7
Mozilla Thunderbird	Version 1.0.8
Mozilla Thunderbird	Version 1.0
Mozilla Thunderbird	Version 1.5.0.10
Mozilla Thunderbird	Version 1.5.0.11
Mozilla Thunderbird	Version 1.5.0.12
Mozilla Thunderbird	Version 1.5.0.13
Mozilla Thunderbird	Version 1.5.0.14
Mozilla Thunderbird	Version 1.5.0.1
Mozilla Thunderbird	Version 1.5.0.2
Mozilla Thunderbird	Version 1.5.0.3
Mozilla Thunderbird	Version 1.5.0.4
Mozilla Thunderbird	Version 1.5.0.5
Mozilla Thunderbird	Version 1.5.0.6
Mozilla Thunderbird	Version 1.5.0.7
Mozilla Thunderbird	Version 1.5.0.8
Mozilla Thunderbird	Version 1.5.0.9
Mozilla Thunderbird	Version 1.5.1
Mozilla Thunderbird	Version 1.5.2
Mozilla Thunderbird	Version 1.5
Mozilla Thunderbird	Version 1.5 beta2
Mozilla Thunderbird	Version 1.7.1
Mozilla Thunderbird	Version 1.7.3
Mozilla Thunderbird	Version 2.0.0.0
Mozilla Thunderbird	Version 2.0.0.11
Mozilla Thunderbird	Version 2.0.0.12
Mozilla Thunderbird	Version 2.0.0.13
Mozilla Thunderbird	Version 2.0.0.14
Mozilla Thunderbird	Version 2.0.0.15
Mozilla Thunderbird	Version 2.0.0.16
Mozilla Thunderbird	Version 2.0.0.17
Mozilla Thunderbird	Version 2.0.0.18
Mozilla Thunderbird	Version 2.0.0.1
Mozilla Thunderbird	Version 2.0.0.2
Mozilla Thunderbird	Version 2.0.0.3
Mozilla Thunderbird	Version 2.0.0.4
Mozilla Thunderbird	Version 2.0.0.5
Mozilla Thunderbird	Version 2.0.0.6
Mozilla Thunderbird	Version 2.0.0.7
Mozilla Thunderbird	Version 2.0.0.8
Mozilla Thunderbird	Version 2.0.0.9
Mozilla Thunderbird	Version 2.0_.12
Mozilla Thunderbird	Version 2.0_.13
Mozilla Thunderbird	Version 2.0_.14
Mozilla Thunderbird	Version 2.0_.4
Mozilla Thunderbird	Version 2.0_.5
Mozilla Thunderbird	Version 2.0_.6
Mozilla Thunderbird	Version 2.0_.9
Mozilla Thunderbird	Version 2.0_8

Related CWEs

CWE-94

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (98)

http://osvdb.org/55144

Source: secalert@redhat.com

http://osvdb.org/55145

Source: secalert@redhat.com

http://osvdb.org/55146

Source: secalert@redhat.com

http://osvdb.org/55147

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2009-1096.html

Source: secalert@redhat.com

PatchVendor Advisory

http://secunia.com/advisories/35331

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35415

Source: secalert@redhat.com

http://secunia.com/advisories/35428

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35431

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35439

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35440

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/35468

Source: secalert@redhat.com

http://secunia.com/advisories/35536

Source: secalert@redhat.com

http://secunia.com/advisories/35561

Source: secalert@redhat.com

http://secunia.com/advisories/35602

Source: secalert@redhat.com

http://securitytracker.com/id?1022376

Source: secalert@redhat.com

Patch

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

Source: secalert@redhat.com

http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1

Source: secalert@redhat.com

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1820

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1830

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:141

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2009/mfsa2009-24.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-1125.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-1126.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/35326

Source: secalert@redhat.com

http://www.securityfocus.com/bid/35370

Source: secalert@redhat.com

http://www.securitytracker.com/id?1022397

Source: secalert@redhat.com

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275

Source: secalert@redhat.com

http://www.ubuntu.com/usn/usn-782-1

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2009/1572

Source: secalert@redhat.com

PatchVendor Advisory

http://www.vupen.com/english/advisories/2009/2152

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=380359

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=429969

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=431086

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=432068

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=451341

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=472776

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=486398

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=489041

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=490410

Source: secalert@redhat.com

Exploit

https://bugzilla.mozilla.org/show_bug.cgi?id=490425

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=490513

Source: secalert@redhat.com

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=503568

Source: secalert@redhat.com

Exploit

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9501

Source: secalert@redhat.com

https://rhn.redhat.com/errata/RHSA-2009-1095.html

Source: secalert@redhat.com

PatchVendor Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

Source: secalert@redhat.com

http://osvdb.org/55144