Mozilla Firefox and SeaMonkey JavaScript String Values Buffer Overflow Vulnerability

Mozilla Firefox and SeaMonkey are prone to a buffer-overflow vulnerability because of a failure to properly bounds check user-supplied data.

Successful exploits may allow an attacker to execute arbitrary code in the context of the user running an affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions prior to:

Firefox 3.6.14
Firefox 3.5.17
SeaMonkey 2.0.12

NOTE: This issue was previously discussed in BID 46368 (Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2011-01 through -10 Multiple Vulnerabilities) but has been given its own record to better document it.


Privacy Statement
Copyright 2010, SecurityFocus