Candidate: CVE-2009-3378
PublicDate: 2009-10-29 14:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3378
 http://www.mozilla.org/security/announce/2009/mfsa2009-63.html
Description:
 The oggplay_data_handle_theora_frame function in media/liboggplay/src/liboggplay/oggplay_data.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a crafted .ogg video file.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.mozilla.org/show_bug.cgi?id=500311
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_firefox:
upstream_firefox: needs-triage
dapper_firefox: ignored (reached end-of-life)
hardy_firefox: not-affected (code not present)
intrepid_firefox: DNE
jaunty_firefox: DNE
karmic_firefox: DNE
devel_firefox: not-affected

Patches_xulrunner-1.9.1:
upstream_xulrunner-1.9.1: released (1.9.1.4)
dapper_xulrunner-1.9.1: DNE
hardy_xulrunner-1.9.1: DNE
intrepid_xulrunner-1.9.1: DNE
jaunty_xulrunner-1.9.1: released (1.9.1.9+nobinonly-0ubuntu0.9.04.1)
karmic_xulrunner-1.9.1: released (1.9.1.9+nobinonly-0ubuntu0.9.10.1)
devel_xulrunner-1.9.1: released (1.9.1.9+nobinonly-0ubuntu1)

Patches_xulrunner-1.9.2:
upstream_xulrunner-1.9.2: not-affected
dapper_xulrunner-1.9.2: DNE
hardy_xulrunner-1.9.2: released (1.9.2.6+nobinonly-0ubuntu0.8.04.1)
intrepid_xulrunner-1.9.2: DNE
jaunty_xulrunner-1.9.2: needs-triage
karmic_xulrunner-1.9.2: needs-triage
devel_xulrunner-1.9.2: not-affected