漏洞信息详情
Mozilla Firefox,SeaMonkey和Thunderbird 整数越界拒绝服务漏洞
- CNNVD编号:CNNVD-200907-286
- 危害等级: 中危
- CVE编号: CVE-2009-2535
- 漏洞类型: 数字错误
- 发布时间: 2009-06-17
- 威胁类型: 远程
- 更新时间: 2009-07-21
- 厂 商: mozilla
- 漏洞来源: Oskar Lissheim-Boe...
漏洞简介
Mozilla Firefox,SeaMonkey和Thunderbird允许远程攻击者通过为被选对象的长度属性设置超大的整数值造成拒绝服务攻击。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Debian Linux 5.0 alpha
Debian libwebkit-1.0-1-dbg_1.0.1-4+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1- dbg_1.0.1-4+lenny2_alpha.deb
Debian libwebkit-1.0-1_1.0.1-4+lenny2_alpha.deb
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-1.0-1_ 1.0.1-4+lenny2_alpha.deb
Debian libwebkit-dev_1.0.1-4+lenny2_all.deb
http://security.debian.org/pool/updates/main/w/webkit/libwebkit-dev_1. 0.1-4+lenny2_all.deb
MandrakeSoft Linux Mandrake 2008.0
Mandriva arts-1.5.10-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva free-kde-config-2008.0-29.4mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva fribidi-0.19.1-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva htdig-3.2.0-1.12mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva htdig-devel-3.2.0-1.12mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva htdig-web-3.2.0-1.12mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-af-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-ar-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-az-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-be-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-bg-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-bn-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-br-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-bs-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-ca-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-cs-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-csb-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-cy-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-da-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-de-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-el-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-en_GB-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-eo-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-es-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-eu-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-fa-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-fi-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-fr-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-fy-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-ga-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-gl-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-he-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-hi-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-hr-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-hu-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-is-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-it-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-ja-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-kk-3.5.10-0.1mdv2008.0.noarch.rpm
http://www.mandriva.com/en/download/
Mandriva kde-i18n-km-3.5.10-0.1mdv2
参考网址
来源: MISC
链接:https://bugzilla.mozilla.org/show_bug.cgi?id=460713
来源: BUGTRAQ
名称: 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
链接:http://www.securityfocus.com/archive/1/archive/1/505006/100/0/threaded
来源: BUGTRAQ
名称: 20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
链接:http://www.securityfocus.com/archive/1/archive/1/504989/100/0/threaded
来源: BUGTRAQ
名称: 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
链接:http://www.securityfocus.com/archive/1/archive/1/504988/100/0/threaded
来源: BUGTRAQ
名称: 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, CMS.zone.ci/e/tags/htag.php?tag=Chrome target=_blank class=infotextkey>Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
链接:http://www.securityfocus.com/archive/1/archive/1/504969/100/0/threaded
来源: MILW0RM
名称: 9160
链接:http://www.milw0rm.com/exploits/9160
来源: MISC
链接:http://www.g-sec.lu/one-bug-to-rule-them-all.HTML
受影响实体
- Mozilla Thunderbird:2.0.0.7
- Mozilla Firefox:1.5:Beta2
- Mozilla Firefox:1.5:Beta1
- Mozilla Firefox:1.5.8
- Mozilla Firefox:1.5.7
补丁
暂无
评论