• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mozilla Multiple URI Processing Heap Based Buffer Overflow Vulnerabilities

Mozilla is reportedly affected by multiple heap based buffer overflow vulnerabilities when processing URIs in emails. These issues are due to a failure of the affected application to validate user-supplied string lengths before copying them into finite process buffers.

An attacker might leverage these issues to have arbitrary code executed in the context of the user running the vulnerable application.