Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-3389

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.theora.org/...
CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
CONFIRM: https://bugzilla.mozil...
FEDORA: FEDORA-2009-13333
FEDORA: FEDORA-2009-13362
FEDORA: FEDORA-2009-13366
UBUNTU: USN-874-1
BID: 37349
BID: 37368
SECUNIA: 37699
SECUNIA: 37785
VUPEN: ADV-2009-3547
SUSE: SUSE-SA:2009:063
SECUNIA: 37856
SECUNIA: 37881
MANDRIVA: MDVSA-2010:043
SUSE: SUSE-SR:2010:008
SECUNIA: 39317
SUSE: SUSE-SR:2010:013
XF: mozilla-theora-bo(54805)
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2009-3389

Related bugs

References