Vulnerability Note VU#427972

Mozilla denial of service vulnerability

Overview

Certain Mozilla products contain a denial-of-service vulnerability.

I. Description

Certain Mozilla products contain a denial-of-service vulnerability that occurs because of an infinite loop in the js_dtoa function. Mozilla Firefox versions prior to 2.0.0.1, Thunderbird prior to 1.5.0.9, and other Mozilla products may be affected.

According to Mozilla Foundation Security Advisory 2006-68:

Keith Victor reported that if the floating point precision of the CPU was reduced (which can happen on windows by loading a plugin which creates a Direct3D device) then it is possible that js_dtoa() will not exit and instead overwrite memory. None of the most common plugins in use do this which lowers the overall impact of this vulnerability to moderate.

II. Impact

A remote unauthenticated attacker may be able to cause a denial-of-service condition.

III. Solution

Upgrade

The Mozilla Foundation has released upgrades that address this issue. See Mozilla Foundation Security Advisory 2006-68 for more information.

Systems Affected

Vendor	Status	Date Updated
Mozilla	Vulnerable	21-Dec-2006

References

Credit

Thanks to Igor Bukanov, Jesse Ruderman, moz_bug_r_a4, Mozilla for providing information that was used in this report.

This document was written by Ryan Giobbi.

Other Information

Date Public	12/19/2006
Date First Published	01/18/2007 02:32:09 PM
Date Last Updated	06/04/2007
CERT Advisory
CVE Name	CVE-2006-6499
US-CERT Technical Alerts
Metric	0.30
Document Revision	41

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Produced 2007 by US-CERT, a government organization
Disclaimers and copyright information

Get Adobe Reader