Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Mozilla Firefox / Thunderbird / Seamonkey
Опубликовано:18 июля 2008 г.
Источник:
SecurityVulns ID:9154
Тип:клиент
Уровень опасности:
7/10
Описание:Переполнение индекса массива при разборе CSS, отказ при разборе GIF под Mac OS X, выполнение кода при запуске через обработчик URI.
Затронутые продукты:MOZILLA : Firefox 2.0
 MOZILLA : Thunderbird 2.0
 MOZILLA : SeaMonkey 1.1
 MOZILLA : Firefox 3.0
CVE:CVE-2008-2934 (Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer.)
 CVE-2008-2933 (Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely handled by a vector application, as exploited in conjunction with CVE-2008-2540. NOTE: this issue exists because of an insufficient fix for CVE-2005-2267.)
 CVE-2008-2785 (Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.)
Оригинальный текстdocumentZDI, ZDI-08-044: Mozilla Firefox CSSValue Array Memory Corruption Vulnerability (18.07.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-35 (18.07.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-36 (18.07.2008)
 documentMOZILLA, Mozilla Foundation Security Advisory 2008-34 (18.07.2008)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород