"Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code," Mozilla said.
- CVE-2009-1834: URL spoofing with invalid unicode characters. An error exists allowing an attacker to display part of an Internationalized Domain Name as whitespace in the location bar, allowing an attacker to spoof a URL. Mozilla rated the flaw low.
- CVE-2009-1835: Arbitrary domain cookie access by a local file. Mozilla said this flaw required a lot of user interaction to be exploited by an attacker. A user would have to download a malicious file and open it in their browser. It could then steal arbitrary cookies from the victim's computer. The flaw was given a moderate rating.
- CVE-2009-1839: Incorrect principal set for file. The vulnerability is difficult to exploit, according to Mozilla. It can be exploited if a user downloaded a malicious document and then opened another document in a directory of interest to the attacker before opening the attacker's file in the same window. This flaw was given a moderate rating.
- CVE-2009-1840: XUL scripts bypass content-policy checks. Mozilla said content-loading policies were not checked before loading external script files into XUL documents. The flaw was given a low rating.