CVE-2009-1313

Publication date 30 April 2009

Last updated 24 July 2024

Ubuntu priority

The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.

Read the notes from the security team

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
firefox-3.0	9.04 jaunty	Fixed 3.0.10+nobinonly-0ubuntu0.9.04.1
	8.10 intrepid	Fixed 3.0.10+nobinonly-0ubuntu0.8.10.1
	8.04 LTS hardy	Fixed 3.0.10+nobinonly-0ubuntu0.8.04.1
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

introduced in 3.0.9

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-765-1
Firefox and Xulrunner vulnerabilities
28 April 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-1313