Ubuntu
firefox-3.0 package

[CVE-2008-2419] Firefox JSframe heap corruption vulnerability

Bug #236762 reported by Till Ulen
254
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Fix Released
Undecided
Unassigned
firefox-3.0 (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: firefox

CVE-2008-2419 description:

"Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code by triggering an error condition during certain Iframe operations between a JSframe write and a JSframe close, as demonstrated by an error in loading an empty Java applet defined by a 'src="javascript:"' sequence."

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2419

Are Firefox 3.0 beta 5 and rc1 also affected by this?

CVE References

Revision history for this message
Alexander Sack (asac) wrote : Re: [Bug 236762] [NEW] [CVE-2008-2419] Firefox JSframe heap corruption vulnerability

On Mon, Jun 02, 2008 at 12:13:50PM -0000, Alexander Konovalenko wrote:
> *** This bug is a security vulnerability ***
>
> Public security bug reported:
>
> Binary package hint: firefox
>
> CVE-2008-2419 description:
>
> "Mozilla Firefox 2.0.0.14 allows remote attackers to cause a denial of
> service (heap corruption and application crash) or possibly execute
> arbitrary code by triggering an error condition during certain Iframe
> operations between a JSframe write and a JSframe close, as demonstrated
> by an error in loading an empty Java applet defined by a
> 'src="javascript:"' sequence."
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2419
>
> Are Firefox 3.0 beta 5 and rc1 also affected by this?
>
> ** Affects: firefox (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Affects: firefox-3.0 (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Visibility changed to: Public
>
> ** CVE added: http://www.cve.mitre.org/cgi-
> bin/cvename.cgi?name=2008-2419
>

Those should be fixed on trunk, yes.

 affects ubuntu/firefox-3.0
 status fixreleased

 affects ubuntu/firefox
 status fixreleased

 - Alexander

Changed in firefox:
status: New → Fix Released
Changed in firefox-3.0:
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.