漏洞信息详情
Mozilla Firefox Javascript Web-Workers 远程代码执行漏洞
- CNNVD编号:CNNVD-200910-420
- 危害等级: 超危
- CVE编号: CVE-2009-3371
- 漏洞类型: 资源管理错误
- 发布时间: 2009-10-29
- 威胁类型: 远程
- 更新时间: 2009-10-29
- 厂 商: mozilla
- 漏洞来源: Orlando Berrera
漏洞简介
Mozilla Firefox,中文名为火狐,是由Mozilla基金会与开源团体共同开发的网页浏览器。
Mozilla Firefox存在Use-after-free漏洞。远程攻击者可以通过递归地创建Javascript web-workers,造成拒绝服务(应用程序崩溃)或执行任意代码。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Slackware Linux 12.2
Slackware mozilla-Firefox-3.0.15-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/ mozilla-Firefox-3.0.15-i686-1.tgz
MandrakeSoft Linux Mandrake 2010.0
Mandriva beagle-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-crawl-system-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-doc-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-evolution-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-gui-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-gui-qt-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva beagle-libs-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva epiphany-2.28.1-1.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva epiphany-devel-2.28.1-1.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva epiphany-extensions-2.28.1-1.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-af-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ar-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-be-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-bg-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-bn-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ca-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-cs-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-cy-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-da-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-de-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-devel-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-el-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-en_GB-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-eo-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-es_AR-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-es_ES-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-et-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-eu-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-beagle-0.3.9-19.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-blogrovr-1.1.804-6.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-foxmarks-2.7.2-2.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-mozvoikko-1.0-6.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-plasmanotify-0.3.0-6.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-r-kiOSk-0.7.2-9.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ext-scribefire-3.4.5-1.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-fi-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-fr-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-fy-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-ga_IE-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-gl-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-gu_IN-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva Firefox-he-3.5.4-0.1mdv2010.0.i586.rpm
http://www.mandriva.com/
参考网址
来源: www.mozilla.org
链接:http://www.mozilla.org/security/announce/2009/mfsa2009-54.HTML
来源: bugzilla.mozilla.org
链接:https://bugzilla.mozilla.org/show_bug.cgi?id=514554
来源: MANDRIVA
名称: MDVSA-2009:294
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
受影响实体
补丁
暂无
评论