CVE-2009-1828

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 3.0.10

Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, application hang, and memory consumption. This can be achieved via a KEYGEN element used in conjunction with either a META element that specifies automatic page refresh or a JavaScript onLoad event handler for a BODY element.

Recommendations: For versions prior to 3.0.10, consider disabling the use of KEYGEN elements in conjunction with META elements that specify automatic page refresh or JavaScript onLoad event handlers for BODY elements until a fix is available.