Computer Security

Security Advisory: Mozilla Foundation Security Advisory 2008-54
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Mozilla Firefox / Thinderbird / Seamonkey multiple security vulnerabilities

  Mozilla Foundation Security Advisory 2008-58

  Mozilla Foundation Security Advisory 2008-57

  Mozilla Foundation Security Advisory 2008-56

  Mozilla Foundation Security Advisory 2008-55

From:MOZILLA
Date:14.11.2008
Subject:Mozilla Foundation Security Advisory 2008-54

Mozilla Foundation Security Advisory 2008-54

Title: Buffer overflow in http-index-format parser
Impact: Critical
Announced: November 12, 2008
Reporter: Justin Schuh
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.0.4
 Firefox 2.0.0.18
 SeaMonkey 1.1.13
Description

Justin Schuh of the IBM X-Force reported a flaw in the way Mozilla parses the http-index-format MIME type. By sending a specially crafted 200 header line in the HTTP index response, an attacker can cause the browser to crash and run arbitrary code on the victim's computer.
References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=443299
   * CVE-2008-0017

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru