CVE-2009-0775

NameCVE-2009-0775
DescriptionDouble free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1751-1
NVD severityhigh (attack range: remote)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
xulrunnersource(unstable)1.9.0.7-1high
xulrunnersourceetch(not affected)
xulrunnersourcelenny1.9.0.7-0lenny1highDSA-1751-1

Notes

[etch] - xulrunner <not-affected> (Vulnerable code not present)

Search for package or bug name: Reporting problems