Search for packages
| purl | pkg:rpm/redhat/xulrunner@1.9.0.15-3?arch=el5_4 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-16d6-e24t-dfb7
Aliases: CVE-2009-3384 |
Firefox integer underflow in FTP directory list parser | There are no reported fixed by versions. |
|
VCID-2jhf-j64s-gygy
Aliases: CVE-2009-0689 |
Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer.Update: The underlying flaw in the dtoa routines used by Mozilla appears to be essentially the same as that reported against the libc gdtoa routine by Maksymilian Arciemowicz. | There are no reported fixed by versions. |
|
VCID-4vaj-81k4-n3a6
Aliases: CVE-2009-3374 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-58z4-jhs8-kyay
Aliases: CVE-2009-3372 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-5bdt-dd2k-c7gq
Aliases: CVE-2009-3376 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-aw3w-yap1-u7cx
Aliases: CVE-2009-3375 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-b76x-3z8j-4fa9
Aliases: CVE-2009-3274 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-h68j-ht6w-jqbm
Aliases: CVE-2009-3373 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-nx8g-hhbk-yyep
Aliases: CVE-2009-3370 |
Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues.Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected. | There are no reported fixed by versions. |
|
VCID-qqg4-kz4u-hbh8
Aliases: CVE-2009-1563 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-sua6-rkjm-qyge
Aliases: CVE-2009-3382 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
|
VCID-yn4z-ymst-1bew
Aliases: CVE-2009-3380 |
Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may allow execution of arbitrary code or local privilege escalation. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||