Mozilla Firefox Location.hash Remote DoS Vulnerability Network Vulnerability

Summary

The host is installed with Mozilla Firefox browser and is prone to denial of service vulnerability. Vulnerability: The flaw is due to improper way of handling input passed to location.hash.

Impact

Successful exploitation could result in remote arbitrary code execution, and can crash the affected browser. Impact Level: Application

Solution

Upgrade to Mozilla Firefox version 3.6.3 or later For updates refer to http://www.mozilla.org/

Affected

Mozilla, Firefox version 3.0 through 3.0.13 and 3.5.x

References

http://downloads.securityfocus.com/vulnerabilities/exploits/32988.pl
http://websecurity.com.ua/3424/
http://www.securityfocus.com/archive/1/archive/1/506006/100/0/threaded
http://www.securityfocus.com/bid/32988/discuss

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5715, CVE-2009-2953
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
eZ/eZphotoshare Denial of Service
ddrLPD Remote Denial of Service Vulnerability
ClamAV 'parseicon()' Denial Of Service Vulnerability
Dell OpenManage Web Server <= 3.7.1

Mozilla Firefox location.hash Remote DoS Vulnerability

Take action and discover your vulnerabilities