Candidate: CVE-2009-2477
PublicDate: 2009-07-15 15:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2477
Description:
 js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka
 TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to
 execute arbitrary code via certain use of the escape function that triggers
 access to uninitialized memory locations, as originally demonstrated by a
 document containing P and FONT elements.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/firefox-3.5/+bug/400557
Priority: medium
Discovered-by:
Assigned-to: asac
CVSS: 

Patches_firefox-3.5:
upstream_firefox-3.5: released (3.5.1)
dapper_firefox-3.5: DNE
hardy_firefox-3.5: DNE
intrepid_firefox-3.5: DNE
jaunty_firefox-3.5: released (3.5.1+build1+nobinonly-0ubuntu0.9.04.1)
devel_firefox-3.5: released (3.5.1+build1+nobinonly-0ubuntu1)

Patches_xulrunner-1.9.1:
upstream_xulrunner-1.9.1: needs-triage
dapper_xulrunner-1.9.1: DNE
hardy_xulrunner-1.9.1: DNE
intrepid_xulrunner-1.9.1: DNE
jaunty_xulrunner-1.9.1: released (1.9.1.1+build1+nobinonly-0ubuntu0.9.04.1)
devel_xulrunner-1.9.1: released (1.9.1.1+build1+nobinonly-0ubuntu1)