CVE-2009-2463

Priority
Description
Multiple integer overflows in the (1) PL_Base64Decode and (2)
PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla
Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before
1.1.19 allow remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code via
unspecified vectors that trigger buffer overflows.
Notes
jdstrandCVEs in Firefox are tracked in the xulrunner source packages. The
mapping of xulrunner sources to firefox is:
xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS
xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS
xulrunner-1.9: firefox-3.0
xulrunner-1.9.1: firefox-3.5
Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not
the system xulrunner-1.9.2, so it is tracked in the firefox source package.
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:released (2.0.0.24)
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 20:53:29 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)