CVE-2009-0775

N/A Unknown

Published: March 05, 2009 Modified: April 23, 2026

Description

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html

Source: secalert@redhat.com

http://secunia.com/advisories/34137

Source: secalert@redhat.com

http://secunia.com/advisories/34140

Source: secalert@redhat.com

http://secunia.com/advisories/34145

Source: secalert@redhat.com

http://secunia.com/advisories/34272

Source: secalert@redhat.com

http://secunia.com/advisories/34324

Source: secalert@redhat.com

http://secunia.com/advisories/34383

Source: secalert@redhat.com

http://secunia.com/advisories/34417

Source: secalert@redhat.com

http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm

Source: secalert@redhat.com

http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document

Source: secalert@redhat.com

http://www.debian.org/security/2009/dsa-1751

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2009:075

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2009/mfsa2009-08.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-0258.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-0315.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-0325.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/33990

Source: secalert@redhat.com

http://www.securitytracker.com/id?1021796

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2009/0632

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=474456

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5806

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5816

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6207

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7584

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9681

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html

Source: secalert@redhat.com

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html