CVE-2008-2785
CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://blog.mozilla.com/security/2008/06/18/new-security-issue-under-investigation/http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30http://rhn.redhat.com/errata/RHSA-2008-0616.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=440230http://secunia.com/advisories/30761http://secunia.com/advisories/31121http://secunia.com/advisories/31122http://secunia.com/advisories/31129http://secunia.com/advisories/31144http://secunia.com/advisories/31145http://secunia.com/advisories/31154http://secunia.com/advisories/31157