Mozilla Firefox/Thunderbird/SeaMonkey XSLT Integer Overflow Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a remote integer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will likely result in denial-of-service conditions.

These issues are fixed in:

Firefox 3.6.4
Firefox 3.5.10
Thunderbird 3.0.5
SeaMonkey 2.0.5

NOTE: This issue was previously covered in BID 41050 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-26/27/28/29/30/32 Remote Vulnerabilities) but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus