CVE-2009-3072 Information

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3 Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the BinHex decoder in netwerk/streamconv/converters/nsBinHexDecoder.cpp and unknown vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/36669 http://secunia.com/advisories/36670 http://secunia.com/advisories/36671 http://secunia.com/advisories/36692 http://secunia.com/advisories/37098 http://secunia.com/advisories/38977 http://secunia.com/advisories/39001 http://www.debian.org/security/2009/dsa-1885 http://www.mozilla.org/security/announce/2009/mfsa2009-47.html http://www.mozilla.org/security/announce/2010/mfsa2010-07.html http://www.novell.com/linux/security/advisories/2009_48_firefox.html http://www.redhat.com/support/errata/RHSA-2009-1430.html http://www.redhat.com/support/errata/RHSA-2009-1431.html http://www.redhat.com/support/errata/RHSA-2009-1432.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://www.securityfocus.com/bid/36343 http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.com/english/advisories/2010/0648 http://www.vupen.com/english/advisories/2010/0650 https://bugzilla.mozilla.org/show_bug.cgi?id=494283 https://bugzilla.mozilla.org/show_bug.cgi?id=501900 https://bugzilla.mozilla.org/show_bug.cgi?id=508074 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10349 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6315