Buffer-Overflow Vulnerability in Mozilla Firefox and SeaMonkey

vendor:

Mozilla Firefox, SeaMonkey

by:

Unknown

7.5

CVSS

HIGH

Buffer-Overflow

CWE

Product Name: Mozilla Firefox, SeaMonkey

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: YES

Related CWE: Unknown

CPE: a:mozilla:firefox,cpe:/a:mozilla:seamonkey

Metasploit:

Other Scripts:

Platforms Tested:

2010

Buffer-Overflow Vulnerability in Mozilla Firefox and SeaMonkey

The vulnerability allows an attacker to execute arbitrary code in the context of the user running the affected application by tricking them into viewing a page containing malicious content.

Mitigation:

Upgrade to Firefox 3.6.7, Firefox 3.5.11, or SeaMonkey 2.0.6

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41842/info

Mozilla Firefox and SeaMonkey are prone to a buffer-overflow vulnerability.

An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. A successful exploit will result in the execution of arbitrary attacker-supplied code in the context of the user running the affected application.

This issue is fixed in:

Firefox 3.6.7
Firefox 3.5.11
SeaMonkey 2.0.6

NOTE: This issue was previously covered in BID 41824 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Remote Vulnerabilities), but has been assigned its own record to better document it. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34358.zip