Vulnerability Note VU#179014
Mozilla CSS integer overflow vulnerability
OverviewMozilla products contain an integer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code.
I. DescriptionCascading Style Sheets
CSS is a mechanism for adding style to web documents.
The problem
Mozilla products contain an integer overflow in the CSS letter spacing property. This may allow a remote attacker to manipulate memory allocation routines to create an undersized buffer. When data is copied to this buffer, a heap-based buffer overflow may occur.
For a list of affected, products refer to Mozilla Foundation Security Advisory 2006-22.
II. ImpactIf an attacker can persuade a user to access a specially crafted web page, that attacker may be able to execute arbitrary code.
III. SolutionUpgrade
Refer to Mozilla Foundation Security Advisory 2006-22 for fixed versions of Mozilla products.
Systems Affected
References
http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
http://www.w3.org/Style/CSS/
https://bugzilla.mozilla.org/show_bug.cgi?id=325403
Credit
This vulnerability was reported in Mozilla Foundation Security Advisory 2006-22.
This document was written by Jeff Gennari.
Other Information
| Date Public | 04/13/2006 |
| Date First Published | 04/17/2006 10:12:27 AM |
| Date Last Updated | 05/17/2006 |
| CERT Advisory | |
| CVE Name | CVE-2006-1730 |
| US-CERT Technical Alerts | |
| Metric | 31.40 |
| Document Revision | 19 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|