Computer Security

Security Advisory: Mozilla Foundation Security Advisory 2009-56
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Mozilla Firefox / Seamonkey multiple security vulnerabilities

  Context IS Advisory - Autocomplete Data Theft in Mozilla Firefox

  iDefense Security Advisory 10.28.09: Mozilla Firefox GIF Color Map Parsing Buffer Overflow Vulnerability

  Secunia Research: Mozilla Firefox Floating Point Memory Allocation Vulnerability

  Mozilla Firefox 3.5.3 Local Download Manager Exploit

From:MOZILLA
Date:28.10.2009
Subject:Mozilla Foundation Security Advisory 2009-56

Mozilla Foundation Security Advisory 2009-56

Title: Heap buffer overflow in GIF color map parser
Impact: Critical
Announced: October 27, 2009
Reporter: regenrecht, iDefense
Products: Firefox, SeaMonkey

Fixed in: Firefox 3.5.4
 Firefox 3.0.15
 SeaMonkey 2.0

This flaw does not affect products built on the Gecko 1.8 browser engine such as Thunderbird 2.
Description

Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer.
References

   * https://bugzilla.mozilla.org/show_bug.cgi?id=511689
   * CVE-2009-3373

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server