FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

firefox -- javascript garbage collector vulnerability

Affected packages
firefox < 2.0.0.14,1
linux-firefox < 2.0.0.14
linux-firefox-devel < 2.0.0.14
linux-seamonkey < 1.1.10
seamonkey < 1.1.10
flock < 1.1.2
linux-flock < 1.1.2
0 < linux-seamonkey-devel
linux-thunderbird < 2.0.0.14
thunderbird < 2.0.0.14

Details

VuXML ID 67bd39ba-12b5-11dd-bab7-0016179b2dd5
Discovery 2008-04-16
Entry 2008-04-25
Modified 2009-12-12

Mozilla Foundation reports:

Fixes for security problems in the JavaScript engine described in MFSA 2008-15 introduced a stability problem, where some users experienced crashes during JavaScript garbage collection. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.

[source]

References

Bugtraq ID 28818
CVE Name CVE-2008-1237
CVE Name CVE-2008-1380
URL http://secunia.com/advisories/29787
URL http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.