CVE-2009-3389

Published: 15 December 2009

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions.

Priority

Medium

Status

Package Release Status
seamonkey
Launchpad, Ubuntu, Debian
Upstream
Released (2.0.1)
xulrunner-1.9.1
Launchpad, Ubuntu, Debian
Upstream Needs triage