Mozilla Firefox/Thunderbird/SeaMonkey 'document.write()' Buffer Overflow Vulnerability

Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a buffer-overflow vulnerability.

An attacker can exploit this issue by enticing an unsuspecting user into viewing a page containing malicious content. A successful exploit will result in the execution of arbitrary code in the context of the user running the affected application.

These issues are fixed in:

Firefox 3.6.13
Firefox 3.5.16
Thunderbird 3.0.11
Thunderbird 3.1.7
SeaMonkey 2.0.11

NOTE: This issue was previously covered in BID 45322 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-74 -82, 84 Multiple Vulnerabilities), but has been assigned its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus