CVE-2009-2479

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 3.0.x, 3.5, and 3.5.1

Description The issue allows remote attackers to cause a denial of service, resulting in an uncaught exception and application crash, via a long Unicode string argument to the write method. This issue was initially reported as a stack-based buffer overflow.

Recommendations For Mozilla Firefox versions 3.0.x, 3.5, and 3.5.1, consider avoiding the use of long Unicode strings in the write method until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.