Candidate: CVE-2009-2479
PublicDate: 2009-07-16 15:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2479
Description:
 Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to
 cause a denial of service (uncaught exception and application crash) via a
 long Unicode string argument to the write method. NOTE: this was originally
 reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a
 crash resulting from this long string reportedly occurs in an
 operating-system library, not in Firefox.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_firefox-3.5:
upstream_firefox-3.5: needs-triage
dapper_firefox-3.5: DNE
hardy_firefox-3.5: DNE
intrepid_firefox-3.5: DNE
jaunty_firefox-3.5: released (3.5.3+build1+nobinonly-0ubuntu0.9.04.2)
devel_firefox-3.5: not-affected

Patches_xulrunner-1.9.1:
upstream_xulrunner-1.9.1: needs-triage
dapper_xulrunner-1.9.1: DNE
hardy_xulrunner-1.9.1: DNE
intrepid_xulrunner-1.9.1: DNE
jaunty_xulrunner-1.9.1: released (1.9.1.3+build1+nobinonly-0ubuntu0.9.04.2)
devel_xulrunner-1.9.1: not-affected