vendor:
Firefox and Thunderbird
by:
posidron@tripbit.net
9.3
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name: Firefox and Thunderbird
Affected Version From: Mozilla Firefox <= 1.0.7
Affected Version To: Mozilla Thunderbird <= 1.0.6
Patch Exists: YES
Related CWE: CVE-2005-2709
CPE: Mozilla:Firefox
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2006-0140/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2006-0140/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2006-0101/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2006-0101/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2006-0191/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2006-0190/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2006-0191/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2006-0190/
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2005
Mozilla
A buffer overflow vulnerability exists in Mozilla Firefox and Mozilla Thunderbird versions 1.0.7 and 1.0.6 respectively. The vulnerability is caused due to a boundary error within the 'nsSVGPathDataParser.cpp' component when processing SVG Path data. This can be exploited to cause a stack-based buffer overflow by supplying a specially crafted SVG file containing an overly long 'd' attribute of a 'path' element. Successful exploitation allows execution of arbitrary code.
Mitigation:
Upgrade to Mozilla Firefox version 1.5.0.7 or later, or Mozilla Thunderbird version 1.5.0.7 or later.
