Check Point Advisories

Update Protection against Mozilla Firefox JIT escape Function Memory Corruption

Check Point Reference: CPAI-2010-114
Date Published: 25 Mar 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory SA35798
Industry Reference:

CVE-2009-2477

Protection Provided by:
Who is Vulnerable? Mozilla Foundation Firefox 3.5
Vulnerability Description A memory corruption vulnerability exists in Mozilla Firefox, a web browser developed by Mozilla Foundation. This flaw is due to the way Mozilla Firefox handles JIT (Just-in-Time) escape Function calls. A remote attacker can exploit this vulnerability by enticing a target user to open a malicious web page.
Update/Patch AvaliableThe vendor, Mozilla Foundation, has released an advisory addressing this vulnerability
Vulnerability DetailsThe vulnerability is caused due to an error in the JIT (Just-in-Time) compiler when returning from e.g. an "escape()" function and can be exploited to trigger a memory corruption.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK