Mozilla Firefox Buffer Overflow Vulnerability - July09 (Win) Network Vulnerability

Summary

The host is installed with Mozilla Firefox browser and is prone to Buffer Overflow vulnerability.

Impact

Successful attacks will let attackers to can cause Denial of Service to the legitimate user. Impact Level: Application

Solution

Upgrade to Firefox version 3.6.3 or later, For updates refer to http://www.mozilla.com/en-US/firefox/upgrade.html

Insight

- A NULL pointer dereference error exists due an unspecified vectors, related to a 'flash bug.' which can cause application crash. - Stack-based buffer overflow error is caused by sending an overly long string argument to the 'document.write' method.

Affected

Firefox version 3.5.1 and prior on Windows

References

http://xforce.iss.net/xforce/xfdb/51729
https://bugzilla.mozilla.org/show_bug.cgi?id=503286

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-2478, CVE-2009-2479
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Advantech Studio Multiple Buffer Overflow Vulnerabilities
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
BS.Player '.bsl' File Buffer Overflow Vulnerabilities
ChaSen Buffer Overflow Vulnerability (Windows)

Take action and discover your vulnerabilities