PublicDateAtUSN: 2009-06-12 Candidate: CVE-2009-1832 PublicDate: 2009-06-12 21:30:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1832 https://ubuntu.com/security/notices/USN-779-1 Description: Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double frame construction." Ubuntu-Description: Notes: jdstrand> CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 jdstrand> Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. Bugs: Priority: low Discovered-by: Assigned-to: CVSS: Patches_firefox: upstream_firefox: needs-triage dapper_firefox: ignored (reached end-of-life) hardy_firefox: ignored (uses system xulrunner) intrepid_firefox: DNE jaunty_firefox: DNE karmic_firefox: DNE lucid_firefox: not-affected maverick_firefox: not-affected natty_firefox: not-affected oneiric_firefox: not-affected devel_firefox: not-affected Patches_xulrunner: upstream_xulrunner: needs-triage dapper_xulrunner: DNE hardy_xulrunner: ignored (reached end-of-life) intrepid_xulrunner: needed (reached end-of-life) jaunty_xulrunner: ignored (reached end-of-life) karmic_xulrunner: ignored (reached end-of-life) lucid_xulrunner: DNE maverick_xulrunner: DNE natty_xulrunner: DNE oneiric_xulrunner: DNE devel_xulrunner: DNE Patches_xulrunner-1.9: upstream_xulrunner-1.9: needs-triage dapper_xulrunner-1.9: DNE hardy_xulrunner-1.9: released (1.9.0.11+build2+nobinonly-0ubuntu0.8.04.1) intrepid_xulrunner-1.9: released (1.9.0.11+build2+nobinonly-0ubuntu0.8.10.2) jaunty_xulrunner-1.9: released (1.9.0.11+build2+nobinonly-0ubuntu0.9.04.1) karmic_xulrunner-1.9: DNE lucid_xulrunner-1.9: DNE maverick_xulrunner-1.9: DNE natty_xulrunner-1.9: DNE oneiric_xulrunner-1.9: DNE devel_xulrunner-1.9: DNE Patches_xulrunner-1.9.1: upstream_xulrunner-1.9.1: needs-triage dapper_xulrunner-1.9.1: DNE hardy_xulrunner-1.9.1: DNE intrepid_xulrunner-1.9.1: DNE jaunty_xulrunner-1.9.1: released (1.9.1+nobinonly-0ubuntu0.9.04.1) karmic_xulrunner-1.9.1: released (1.9.1~rc2+nobinonly-0ubuntu1) lucid_xulrunner-1.9.1: DNE maverick_xulrunner-1.9.1: DNE natty_xulrunner-1.9.1: DNE oneiric_xulrunner-1.9.1: DNE devel_xulrunner-1.9.1: DNE Patches_seamonkey: upstream_seamonkey: released (1.1.17) dapper_seamonkey: DNE hardy_seamonkey: released (1.1.17+nobinonly-0ubuntu0.8.04.1) intrepid_seamonkey: released (1.1.17+nobinonly-0ubuntu0.8.10.1) jaunty_seamonkey: released (1.1.17+nobinonly-0ubuntu0.9.04.1) karmic_seamonkey: released (1.1.17+nobinonly-0ubuntu1) lucid_seamonkey: not-affected maverick_seamonkey: not-affected natty_seamonkey: not-affected oneiric_seamonkey: not-affected devel_seamonkey: not-affected Patches_thunderbird: upstream_thunderbird: released (2.0.0.23) dapper_thunderbird: DNE hardy_thunderbird: not-affected intrepid_thunderbird: not-affected jaunty_thunderbird: not-affected karmic_thunderbird: not-affected lucid_thunderbird: not-affected maverick_thunderbird: not-affected natty_thunderbird: not-affected oneiric_thunderbird: not-affected devel_thunderbird: not-affected Patches_mozilla-thunderbird: upstream_mozilla-thunderbird: needs-triage dapper_mozilla-thunderbird: ignored (reached end-of-life) hardy_mozilla-thunderbird: DNE intrepid_mozilla-thunderbird: DNE jaunty_mozilla-thunderbird: DNE karmic_mozilla-thunderbird: DNE lucid_mozilla-thunderbird: DNE maverick_mozilla-thunderbird: DNE natty_mozilla-thunderbird: DNE oneiric_mozilla-thunderbird: DNE devel_mozilla-thunderbird: DNE