Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22962
HistoryDec 17, 2009 - 12:00 a.m.

Mozilla Foundation Security Advisory 2009-66

2009-12-1700:00:00
vulners.com
16

Mozilla Foundation Security Advisory 2009-66

Title: Memory safety fixes in liboggplay media library
Impact: Critical
Announced: December 15, 2009
Reporter: Mozilla community and developers
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.5.6
SeaMonkey 2.0.1
Description

Mozilla discovered several bugs in liboggplay which posed potential memory safety issues. The bugs which were fixed could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer.

Audio and video capabilities were added in Firefox 3.5 so prior releases of Firefox were not affected.
References

David Keeler and Bob Clary reported crashes in liboggplay.

* liboggplay bugs
* CVE-2009-3388
Related for SECURITYVULNS:DOC:22962