New Search

The garbage-collection implementation in Mozilla Firefox before 3.0.11 Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler related to an incorrect context for this event handler.

oval:org.mitre.oval:def:11080

The garbage-collection implementation in Mozilla Firefox before 3.0.11 Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler related to an incorrect context for this event handler.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 3
  • CentOS Linux 5
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
  • Oracle Linux 5
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 3
  • CentOS Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2009-1838
Product(s):