Red Hat Customer Portal

Skip to main content

CVE-2009-0774

The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulnerability than CVE-2009-0773.

Details Source

Mitre

Public Date

2009-03-04 00:00:00

Impact

Critical

Bugzilla

CVE-2009-0774 Firefox 2 and 3 crashes in the JavaScript engine

Bugzilla ID

488 283

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (firefox) RHSA-2009:0315 2009-03-05
Red Hat Enterprise Linux 5 (thunderbird) RHSA-2009:0258 2009-03-24
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2009:0325 2009-03-05
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (thunderbird) RHSA-2009:0258 2009-03-24
Red Hat Enterprise Linux 4 (seamonkey) RHSA-2009:0325 2009-03-05
Red Hat Enterprise Linux 2.1 (seamonkey) RHSA-2009:0325 2009-03-05
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2009:0258 2009-03-24
Red Hat Enterprise Linux 5 RHSA-2009:0315 2009-03-05

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 5 xulrunner 1.9.0.7-1.el5 Fixed