|
|
Log in / Subscribe / Register

firefox: heap overflow in certificate regexp parsing

Package(s):firefox CVE #(s):CVE-2009-2404
Created:August 4, 2009 Updated:March 31, 2010
Description: From the Mozilla advisory: Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client. This code provided compatibility with the non-standard regular expression syntax historically supported by Netscape clients and servers. With version 3.5 Firefox switched to the more limited industry-standard wildcard syntax instead and is not vulnerable to this flaw.
Alerts:
Gentoo 201301-01 firefox 2013-01-07
Debian DSA-2025-1 icedove 2010-03-31
Mandriva MDVSA-2009:197-3 nss 2009-12-03
Mandriva MDVSA-2009:197-2 nss 2009-09-11
Debian DSA-1874-1 nss 2009-08-26
Mandriva MDVSA-2009:216 mozilla-thunderbird 2009-08-23
Red Hat RHSA-2009:1207-01 nspr nss 2009-08-12
Mandriva MDVSA-2009:198 firefox 2009-08-07
Mandriva MDVSA-2009:197 nss 2009-08-07
Ubuntu USN-810-2 nspr 2009-08-04
Ubuntu USN-810-1 nss 2009-08-04
CentOS CESA-2009:1185 seamonkey 2009-07-31
Red Hat RHSA-2009:1185-01 seamonkey 2009-07-30
Red Hat RHSA-2009:1190-01 nspr, nss 2009-07-31
Red Hat RHSA-2009:1186-01 nspr, nss 2009-07-30
Red Hat RHSA-2009:1184-01 nspr, nss 2009-07-30
Fedora FEDORA-2009-8288 Miro 2009-08-05
Fedora FEDORA-2009-8288 xulrunner 2009-08-05
Fedora FEDORA-2009-8288 yelp 2009-08-05
Fedora FEDORA-2009-8288 ruby-gnome2 2009-08-05
Fedora FEDORA-2009-8288 perl-Gtk2-MozEmbed 2009-08-05
Fedora FEDORA-2009-8288 pcmanx-gtk2 2009-08-05
Fedora FEDORA-2009-8288 mugshot 2009-08-05
Fedora FEDORA-2009-8288 mozvoikko 2009-08-05
Fedora FEDORA-2009-8288 kazehakase 2009-08-05
Fedora FEDORA-2009-8288 google-gadgets 2009-08-05
Fedora FEDORA-2009-8288 gnome-web-photo 2009-08-05
Fedora FEDORA-2009-8288 gnome-python2-extras 2009-08-05
Fedora FEDORA-2009-8288 gecko-sharp2 2009-08-05
Fedora FEDORA-2009-8288 galeon 2009-08-05
Fedora FEDORA-2009-8288 firefox 2009-08-05
Fedora FEDORA-2009-8288 evolution-rss 2009-08-05
Fedora FEDORA-2009-8279 chmsee 2009-08-05
SuSE SUSE-SA:2009:048 MozillaFirefox 2009-10-20
Fedora FEDORA-2009-8279 blam 2009-08-05
Fedora FEDORA-2009-8288 blam 2009-08-05
Slackware SSA:2009-215-01 mozilla-firefox 2009-08-04
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds