CVE-2009-2535

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 2.0.0.19 Mozilla Firefox versions 3.x prior to 3.0.5 SeaMonkey (affected versions not specified) Thunderbird (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service, resulting in memory consumption and application crash, by providing a large integer value for the length property of a Select object.

Recommendations For Mozilla Firefox versions prior to 2.0.0.19, update to version 2.0.0.19 or later. For Mozilla Firefox versions 3.x prior to 3.0.5, update to version 3.0.5 or later. For SeaMonkey, at the moment, there is no information about a newer version that contains a fix for this issue. For Thunderbird, at the moment, there is no information about a newer version that contains a fix for this issue.