1
Candidate: CVE-2009-4130
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4130
6
Visual truncation vulnerability in the MakeScriptDialogTitle function in
7
nsGlobalWindow.cpp in Mozilla Firefox allows remote attackers to spoof the
8
origin domain name of a script via a long name.
11
jdstrand> CVEs in Firefox are tracked in the xulrunner source packages. The
12
mapping of xulrunner sources to firefox is:
13
xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS
14
xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS
15
xulrunner-1.9: firefox-3.0
16
xulrunner-1.9.1: firefox-3.5
17
jdstrand: Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not
18
the system xulrunner-1.9.2, so it is tracked in the firefox source package.
24
Patches_xulrunner-1.9.1:
25
upstream_xulrunner-1.9.1: ignored
26
dapper_xulrunner-1.9.1: DNE
27
hardy_xulrunner-1.9.1: DNE
28
intrepid_xulrunner-1.9.1: DNE
29
jaunty_xulrunner-1.9.1: ignored
30
karmic_xulrunner-1.9.1: ignored
31
devel_xulrunner-1.9.1: ignored