CVE-2009-1169
Published: 27 March 2009
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
Priority
High
Status
| Package | Release | Status |
|---|---|---|
|
firefox Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
iceape Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
seamonkey Launchpad, Ubuntu, Debian |
Upstream |
Released
(1.1.16)
|
|
xulrunner Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
xulrunner-1.9 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
xulrunner-1.9.1 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Notes
| Author | Note |
|---|---|
| kees | very late in the day announcement http://blog.mozilla.com/blog/2009/03/27/firefox-308-security-release-now-available/ |