Check Point Advisories

Update Protection against Mozilla Firefox nsDirIndexParser Overflow

Check Point Reference: CPAI-2008-242
Date Published: 21 Nov 2008
Severity: High
Last Updated: Tuesday 01 January, 2008
Source: Security Focus Bugtraq ID: 32281
Industry Reference:CVE-2008-0017
Protection Provided by:
Who is Vulnerable? Firefox 3.0.4
Firefox 2.0.0.18
SeaMonkey 1.1.13
Vulnerability Description The Mozilla Foundation has reported various vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. If expolited, these vulnerabilities may lead to theft of authentication credentials, disclosure of sensitive information, execution of scripts with elevated privileges and execution of arbitrary code.  For the attack to be successful an attacker must cause the victim user to browse to a malicious web page or click a link in a malicious email.
Update/Patch AvaliableVendor's advisory:
http://www.mozilla.org/security/announce/2008/mfsa2008-54.html 
Vulnerability DetailsThe vulnerability is caused by a buffer overflow error when parsing the http-index-format MIME type, which could be exploited to execute arbitrary code on a machine using affetced version of Firefox.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK