Mozilla Firefox 'setTimeout()' Remote Code Execution Vulnerability

Bugtraq ID: 35766
Class: Design Error
CVE: CVE-2009-2471
Remote: Yes
Local: No
Published: Jul 21 2009 12:00AM
Updated: Apr 13 2015 09:40PM
Credit: Blake Kaplan
Vulnerable: SuSE SUSE Linux Enterprise Server 11 DEBUGINFO
SuSE SUSE Linux Enterprise Server 11
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise SDK 10 SP2
SuSE SUSE Linux Enterprise Desktop 11
SuSE SUSE Linux Enterprise Desktop 10 SP2
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
SuSE openSUSE 10.3
Slackware Linux 12.2
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4.8.z
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Enterprise Linux EUS 5.3.z server
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4.8.z
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Pardus Linux 2009 0
Pardus Linux 2008 0
Mozilla XULRunner 1.9.0.12
Mozilla XULRunner 1.9
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.9
Mozilla Firefox 3.0.8
Mozilla Firefox 3.0.7 Beta
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0 Beta 5
Mozilla Firefox 3.0
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Not Vulnerable: Mozilla Firefox 3.5
Mozilla Firefox 3.0.12


 

Privacy Statement
Copyright 2010, SecurityFocus