Mozilla Foundation Security Advisory 2009-10

2009-03-06T00:00:00
ID SECURITYVULNS:DOC:21429
Type securityvulns
Reporter Securityvulns
Modified 2009-03-06T00:00:00

Description

Mozilla Foundation Security Advisory 2009-10

Title: Upgrade PNG library to fix memory safety hazards Impact: Critical Announced: March 4, 2009 Reporter: Glenn Randers-Pehrson Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.0.7 Thunderbird 2.0.0.21 SeaMonkey 1.1.15 Description

libpng maintainer Glenn Randers-Pehrson reported several memory safety hazards in PNG libraries used by Mozilla. These vulnerabilities could be used by a malicious website to crash a victim's browser and potentially execute arbitrary code on their computer. libpng was upgraded to a version which contained fixes for these flaws. References

* https://bugzilla.mozilla.org/show_bug.cgi?id=478901
* CVE-2009-0040