Mozilla Foundation Security Advisory 2009-10

Type securityvulns
Reporter Securityvulns
Modified 2009-03-06T00:00:00


Mozilla Foundation Security Advisory 2009-10

Title: Upgrade PNG library to fix memory safety hazards Impact: Critical Announced: March 4, 2009 Reporter: Glenn Randers-Pehrson Products: Firefox, Thunderbird, SeaMonkey

Fixed in: Firefox 3.0.7 Thunderbird SeaMonkey 1.1.15 Description

libpng maintainer Glenn Randers-Pehrson reported several memory safety hazards in PNG libraries used by Mozilla. These vulnerabilities could be used by a malicious website to crash a victim's browser and potentially execute arbitrary code on their computer. libpng was upgraded to a version which contained fixes for these flaws. References

* CVE-2009-0040