Mozilla Foundation Security Advisory 2009-12

Mozilla Foundation Security Advisory 2009-12

Title: XSL Transformation vulnerability
Impact: Critical
Announced: March 27, 2009
Reporter: Guido Landi, Andre, Michael Rooney, Martin
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.0.8
SeaMonkey 1.1.16
Description

Security researcher Guido Landi discovered that a XSL stylesheet could be used to crash the browser during a XSL transformation. An attacker could potentially use this crash to run arbitrary code on a victim's computer.

This vulnerability was also previously reported as a stability problem by Ubuntu community member, Andre. Ubuntu community member Michael Rooney reported Andre's findings to Mozilla, and Mozilla community member Martin helped reduce Andre's original testcase and contributed a patch to fix the vulnerability.
References

* https://bugzilla.mozilla.org/show_bug.cgi?id=485217
* https://bugzilla.mozilla.org/show_bug.cgi?id=460090
* https://bugzilla.mozilla.org/show_bug.cgi?id=485286
* CVE-2009-1169