Mozilla Firefox Javascript Garbage Collector Vulnerability - Security


Editor Login \| Register		Ekle

> World > Security

Mozilla Firefox Javascript Garbage Collector Vulnerability - Security - World -

CWRedLight

(Date : 17.04.2008 20:36:23)

Mozilla Firefox Javascript Garbage Collector Vulnerability

Secunia Advisory:	SA29787
Release Date:	2008-04-17

Critical:	Highly critical
Impact:	DoS System access
Where:	From remote
Solution Status:	Vendor Patch

Software:	Mozilla Firefox 2.0.x

Description:
A vulnerability has been reported in Mozilla Firefox, which can potentially be exploited by malicious people to compromise a user"s system.

The vulnerability is caused due to an error in the Javascript Garbage Collector and can be exploited to cause a memory corruption via specially crafted Javascript code.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in version 2.0.0.13. Prior versions may also be affected.

Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.

Solution:
Update to version 2.0.0.14.
http://www.mozilla.com/en-US/firefox/

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
Mozilla Foundation:
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

Derecelendir

Kaynak

http://secunia.com/advisories/29787/

İçerik İhbarı

Bağlantılar: bilgininefendisi.net

Open Source Document Project

AUP&TOS