Candidate: CVE-2009-2664
PublicDate: 2009-08-04 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2664
 http://www.mozilla.org/security/announce/2009/mfsa2009-45.html
Description:
 The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine
 in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial
 of service (assertion failure and application exit) or possibly execute
 arbitrary code via a crafted .js file, related to a "memory safety bug."
 NOTE: this was originally reported as affecting versions before 3.0.13.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.mozilla.org/show_bug.cgi?id=501270
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_firefox:
upstream_firefox: needs-triage
dapper_firefox: ignored (reached end-of-life)
hardy_firefox: not-affected
intrepid_firefox: DNE
jaunty_firefox: DNE
karmic_firefox: DNE
devel_firefox: not-affected


Patches_xulrunner-1.9:
upstream_xulrunner-1.9: released (1.9.0.14)
dapper_xulrunner-1.9: DNE
hardy_xulrunner-1.9: not-affected (1.9.0.14)
intrepid_xulrunner-1.9: not-affected (1.9.0.14)
jaunty_xulrunner-1.9: not-affected (1.9.0.14)
karmic_xulrunner-1.9: DNE
devel_xulrunner-1.9: DNE

Patches_xulrunner-1.9.1:
upstream_xulrunner-1.9.1: needs-triage
dapper_xulrunner-1.9.1: DNE
hardy_xulrunner-1.9.1: DNE
intrepid_xulrunner-1.9.1: DNE
jaunty_xulrunner-1.9.1: released (1.9.1.3+build1+nobinonly-0ubuntu0.9.04.2)
karmic_xulrunner-1.9.1: not-affected
devel_xulrunner-1.9.1: not-affected