Lucene search

Ubuntu.comUB:CVE-2009-1827

HistoryMay 29, 2009 - 12:00 a.m.

CVE-2009-1827

2009-05-2900:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.092 Low

EPSS

Percentile

94.7%

JSON

The SVG component in Mozilla Firefox 3.0.4 allows remote attackers to cause
a denial of service (application hang) via a large value in the r (aka
Radius) attribute of a circle element, related to an “unclamped loop.”

Bugs

<https://bugzilla.mozilla.org/show_bug.cgi?id=393832>

OSVersionArchitecturePackageVersionFilename
ubuntu9.04noarchxulrunner-1.9.1< 1.9.1.9+nobinonly-0ubuntu0.9.04.1UNKNOWN
ubuntu9.10noarchxulrunner-1.9.1< 1.9.1.9+nobinonly-0ubuntu0.9.10.1UNKNOWN
ubuntu8.04noarchxulrunner-1.9.2< 1.9.2.6+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu10.04noarchxulrunner-1.9.2< 1.9.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	9.04	noarch	xulrunner-1.9.1	< 1.9.1.9+nobinonly-0ubuntu0.9.04.1	UNKNOWN
ubuntu	9.10	noarch	xulrunner-1.9.1	< 1.9.1.9+nobinonly-0ubuntu0.9.10.1	UNKNOWN
ubuntu	8.04	noarch	xulrunner-1.9.2	< 1.9.2.6+nobinonly-0ubuntu0.8.04.1	UNKNOWN
ubuntu	10.04	noarch	xulrunner-1.9.2	< 1.9.2	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2009-1827

nvd.nist.gov/vuln/detail/CVE-2009-1827

security-tracker.debian.org/tracker/CVE-2009-1827

www.cve.org/CVERecord?id=CVE-2009-1827

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.092 Low

EPSS

Percentile

94.7%

JSON

Related for UB:CVE-2009-1827