Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability

Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability

References:

30 Jul 2009: How the Kaminsky SSL talk at Black Hat affects various OSS librarie (Mark J. Cox)
CVE-2009-2404 vulnerability in NSS affects Sun Java System Access Manager Policy (Oracle)
SeaMonkey Homepage (Mozilla)
SSL flaw revealed at Black Hat (Wendy Grossman)
Vulnerabilities Allow Attacker to Impersonate Any Website (Kim Zetter)
ASA-2009-511 (SUN 267031) (Avaya)
Heap Overflow in a Regular Expression Parser in Network Security Services (NSS) (Sun)
MFSA 2009-43: Heap overflow in certificate regexp parsing (Mozilla)
Oracle Critical Patch Update April 2010 (Oracle)
Solution 269468 : Security Vulnerability in Mozilla Thunderbird Related to SS (Sun)
This Alert covers CVE-2009-2404 and CVE-2009-0688 for the Directory Server compo (Sun)

Privacy Statement
Copyright 2010, SecurityFocus