|
|
|
|
| |
Credit:
The information has been provided by J23.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-10-132/
|
| |
Vulnerable Systems:
* Mozilla Firefox 3.6.x
User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browser's method for parsing child elements out of a particular tag. The application will use a 32-bit index to enumerate them, but will store it in a 16-bit signed integer and then use it to allocate space for a cache. When populating the cache a buffer overflow will occur. This can lead to code execution under the context of the application.
Patch Availability:
Mozilla Firefox has issued an update to correct this vulnerability. More details can be found at:
http://www.mozilla.org/security/announce/2010/mfsa2010-37.html
CVE Information:
CVE-2010-1214
Disclosure Timeline:
2010-06-17 - Vulnerability reported to vendor
2010-07-20 - Coordinated public release of advisory
|
|
|
|
|
