Mozilla Foundation Security Advisory 2009-23

Crash in nsTextFrame::ClearTextRun()

Announced

April 27, 2009

Reporter

Marc Gueury, Daniel Veditz

Impact

Critical

Products

Firefox

Fixed in

Firefox 3.0.10

Description

One of the security fixes in Firefox 3.0.9 introduced a regression that caused some users to experience frequent crashes. Users of the HTML Validator add-on were particularly affected, but other users also experienced this crash in some situations. In analyzing this crash we discovered that it was due to memory corruption similar to cases that have been identified as security vulnerabilities in the past.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=489647
CVE-2009-1313

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice

Mozilla Foundation Security Advisory 2009-23

Crash in nsTextFrame::ClearTextRun()

Description

References