Check Point Advisories

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

Check Point Reference: CPAI-2010-113
Date Published: 25 Mar 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory SA35331
Industry Reference:CVE-2009-3382
Protection Provided by:
Who is Vulnerable? Mozilla Foundation Firefox Prior to 3.0.11
Vulnerability Description A memory corruption vulnerability was reported in Mozilla Firefox, a popular Web browser developed by Mozilla Foundation. This flaw is due to the way Mozilla Firefox handles first-letter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious webpage. Successful attacks could allow for code execution.
Update/Patch AvaliableThe vendor, Mozilla, has released an advisory to address this vulnerability
Vulnerability DetailsThe vulnerability is due to an implementation error when handling the CSS pseudo-element first-letter. A remote attacker could exploit this vulnerability by persuading a target user to open a specially crafted web page. Successful exploitation may allow the attacker to execute arbitrary code on the vulnerable system with the privileges of the target user.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK