Vulnerability Note VU#722244

Mozilla products vulnerable to heap overflow via miscalculated size during conversion of an image

Overview

A vulnerability exists in Mozilla products that may allow a remote attacker to execute arbitrary code or cause a denial of service.

I. Description

Mozilla products contain a vulnerability in the CSS cursor property on Microsoft Windows that may result in a crash when handling malicious images. According to the Mozilla Foundation Security Advisory 2006-69:

    A miscalculated size during conversion of the image to a Windows bitmap can result in a heap buffer overflow which could be used to compromise the victim's computer.

Mozilla also states that this flaw affects both Firefox 2 and Firefox 1.5 but not the earlier Firefox 1.0 or Mozilla Suite products.

II. Impact

A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service.

III. Solution

Apply an update

According to the Mozilla Foundation Security Advisory 2006-69, this vulnerability is addressed in Firefox 2.0.0.1, Firefox 1.5.0.9, Thunderbird 1.5.0.9, and SeaMonkey 1.0.7.

References
This issue is addressed in Mozilla Foundation Security Advisory 2006-69. Mozilla credits Frederik Reiss with providing information about this issue. This document was written by Chris Taschner.
If you have feedback, comments, or additional information about this vulnerability, please send us email.