Check Point Advisories

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

Check Point Reference: CPAI-2010-115
Date Published: 25 Mar 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory SA35331
Industry Reference:CVE-2009-1392
Protection Provided by:
Who is Vulnerable? Mozilla Foundation Firefox Prior to 3.0.11
Vulnerability Description A memory corruption was reported in vulnerability in Mozilla Firefox. This flaw is due to the way Mozilla Firefox handles firstletter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious webpage. Successful exploitation could allow for remote code execution.
Update/Patch AvaliableThe vendor, Mozilla Foundation, has released an advisory to address this vulnerability.
Vulnerability DetailsThe vulnerability is due to an implementation error when handling the CSS pseudo-element: first-letter. A remote attacker could exploit this vulnerability by persuading a target user to open a specially crafted web page. Successful exploitation could lead to remote code execution on the target system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK