Vendor: Mozilla
By: Unknown
CVSS: 7.5 (HIGH)
CWE: 190 (Integer Overflow)
Product Name: Mozilla
Affected Version From: Netscape 7.0
Affected Version To: Netscape 7.1 and versions of Mozilla prior to 1.7.1
Patch Exists: NO
CPE: a:mozilla:mozilla:1.7.1
Platforms Tested: Unknown

Integer Overflow Vulnerability in Mozilla and Netscape SOAPParameter Object Constructor

The SOAPParameter object constructor in Mozilla and Netscape contains an integer overflow vulnerability. This can lead to corruption of critical heap memory structures and possible remote code execution. An attacker can exploit this by crafting a malicious web page and having users view it in a vulnerable version of Mozilla or Netscape.

Mitigation:

Users of affected versions are advised to switch to Mozilla 1.7.1 or later, as new versions of Netscape are not likely to appear.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10843/info

It is reported that Mozilla and Netscape contain an integer overflow vulnerability in the SOAPParameter object constructor. This overflow may result in the corruption of critical heap memory structures, leading to possible remote code execution.

An attacker can exploit this issue by crafting a malicious web page and having unsuspecting users view the page in a vulnerable version of Mozilla or Netscape.

Netscape 7.0, 7.1, and versions of Mozilla prior to 1.7.1 are known to be vulnerable to this issue. Users of affected versions of Netscape are urged to switch to Mozilla 1.7.1 or later, as new versions of Netscape are not likely to appear.

var p=new Array(0x40000001);
var q=new SOAPParameter(p);
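
The unchecked size arithmetic behind this class of bug (CWE-190), next to a checked version, as an added example that is not code from Mozilla, Netscape or the original advisory. It reuses the count 0x40000001 from the proof of concept above; the 4-byte element size, the 32-bit size arithmetic and all function names are assumptions, since the page does not show the affected source.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption: each element occupies 4 bytes and sizes are 32-bit values. */
#define ELEM_SIZE 4u

/* Unchecked: the product is reduced modulo 2^32, so a huge count can
 * yield a tiny byte size. */
uint32_t alloc_size_unchecked(uint32_t count) {
    return count * ELEM_SIZE;
}

/* Checked: reject any count whose byte size does not fit in 32 bits. */
bool alloc_size_checked(uint32_t count, uint32_t *bytes) {
    if (count > UINT32_MAX / ELEM_SIZE)
        return false;
    *bytes = count * ELEM_SIZE;
    return true;
}

/* Hardened allocation (hypothetical helper): fails closed on overflow. */
uint32_t *alloc_elements(uint32_t count) {
    uint32_t bytes;
    if (count == 0 || !alloc_size_checked(count, &bytes))
        return NULL;
    return malloc(bytes);
}

int main(void) {
    uint32_t count = 0x40000001u; /* array length used on the page */
    uint32_t wrapped = alloc_size_unchecked(count);
    printf("count            = 0x%08x elements\n", (unsigned)count);
    printf("unchecked size   = %u bytes (room for %u element)\n",
           (unsigned)wrapped, (unsigned)(wrapped / ELEM_SIZE));
    uint32_t *buf = alloc_elements(count);
    printf("checked allocator: %s\n", buf ? "allocated" : "rejected");
    free(buf);
    return 0;
}
```

The mismatch between the requested element count and the wrapped byte size is what leaves later per-element writes without bounds; the checked path refuses the request before any allocation happens.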