Issues discovered by Stefan Cornelius, Secunia Research, advisory SA37232 and CVE identifier CVE-2009-3909. Fixes bug #600741. (cherry picked from commit 9cc8d78f)