Remote Integer-Overflow Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird

vendor:

Firefox, SeaMonkey, Thunderbird

by:

Not mentioned

7.5

CVSS

HIGH

Integer-Overflow

190

CWE

Product Name: Firefox, SeaMonkey, Thunderbird

Affected Version From: Not mentioned

Affected Version To: Not mentioned

Patch Exists: YES

Related CWE: Not mentioned

CPE: Not mentioned

Metasploit:

Other Scripts:

Platforms Tested: Not mentioned

2010

Remote Integer-Overflow Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird

The vulnerability allows an attacker to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts may cause denial-of-service conditions.

Mitigation:

Update to the following fixed versions: Firefox 3.6.4, Firefox 3.5.10, Thunderbird 3.0.5, SeaMonkey 2.0.5

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/41082/info

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a remote integer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will likely result in denial-of-service conditions.

These issues are fixed in:

Firefox 3.6.4
Firefox 3.5.10
Thunderbird 3.0.5
SeaMonkey 2.0.5

NOTE: This issue was previously covered in BID 41050 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-26/27/28/29/30/32 Remote Vulnerabilities) but has been given its own record to better document it.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/34192.zip