Secunia Advisory SA21513

Mozilla Firefox Memory Corruption Weakness
Secunia Advisory SA21513
Release Date 2006-08-17
Last Update 2006-09-15
   
Popularity 21,862 views
Comments 0 comments

Criticality level Not criticalNot critical
Impact DoS
Where From remote
Authentication level Available in Customer Area
   
Report reliability Available in Customer Area
Solution Status Vendor Patch
   
Systems affected Available in Customer Area
Approve distribution Available in Customer Area
Remediation status Secunia CSI, Secunia PSI
Automated scanning Secunia CSI, Secunia PSI
   
Software:
Mozilla Firefox 1.x

Secunia CVSS Score Available in Customer Area
CVE Reference(s) CVE-2006-4253 CVSS available in Customer Area
CVE-2006-4261 CVSS available in Customer Area
  

Description
Michal Zalewski has discovered a weakness in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an unspecified error and can be exploited to corrupt memory.

Successful exploitation crashes the browser. Execution of arbitrary code has not been proven, but can't be completely ruled out.

The weakness has been confirmed in version 1.5.0.6 for Windows. Other versions may also be affected.

NOTE: Secunia normally doesn't classify a browser crash as a vulnerability nor issue an advisory about it. However, the potential risc of this issue may be more severe than currently believed, which justifies for an advisory being issued.

Solution
Update to version 1.5.0.7.
Further details available in Customer Area

Provided and/or discovered by
Michal Zalewski

Changelog
Further details available in Customer Area

Deep Links
Links available in Customer Area


Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com
Subject: Mozilla Firefox Memory Corruption Weakness
 
No posts yet

-

You must be logged in to post a comment.



footer
© 2002-2010 Secunia ApS • Weidekampsgade 14A, DK-2300 Copenhagen S, Denmark • +45 7020 5144 • Contact Us
Terms & Conditions and CopyrightReport vulnerability
CVE logo OTA logo First logo