
CERT-In Vulnerability Note CIVN-2008-94
Remote Code Execution Vulnerability in Mozilla Products

Original Issue Date: June 27, 2008
Update: July 23, 2008

Severity Rating: High

System Affected

  • Mozilla Firefox 2.x
  • Mozilla Firefox 3.0
  • SeaMonkey 1.x prior to 1.1.11
  • Thunderbird 2.x prior to 2.0.0.16

Overview

A vulnerability has been reported in Mozilla products which could be exploited by a remote attacker to execute arbitrary code with the privileges of the logged-in user.

Description

The reported vulnerability in Mozilla's internal CSSValue array data structure is caused by the use of an insufficiently sized variable as the reference counter for CSS objects. By creating more than 65,535 references to a common CSS object, the 16-bit reference counter can be overflowed, so that the browser frees the CSS object while it is still in use, which may cause a crash. Successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code with the privileges of the logged-in user.
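As an added illustration, not taken from the advisory or from Mozilla's code, the following toy C model shows how an undersized 16-bit reference counter frees an object that still has holders, next to a widened, overflow-checked variant (the object type, field names and the refusal check are assumptions made for this example; the real CSSValue structure differs).

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Toy reference-counted object standing in for a shared CSS value.
 * Constructed for this example; not Mozilla's real CSSValue array. */
typedef struct {
    uint16_t refcnt16;   /* the undersized counter described in the advisory */
    size_t   true_refs;  /* bookkeeping only: how many holders really exist */
    bool     freed;      /* set when the object is "freed" */
} css_obj_t;

static void addref_vuln(css_obj_t *o) {
    o->refcnt16++;       /* silently wraps to 0 after 65535 */
    o->true_refs++;
}

static void release_vuln(css_obj_t *o) {
    o->true_refs--;
    if (--o->refcnt16 == 0) o->freed = true;   /* stands in for delete */
}

/* Hardened variant: widen the counter and refuse to let it wrap.
 * Illustrative mitigation only, not Mozilla's actual patch. */
typedef struct {
    uint32_t refcnt;
    size_t   true_refs;
    bool     freed;
} css_obj_safe_t;

static bool addref_safe(css_obj_safe_t *o) {
    if (o->refcnt == UINT32_MAX) return false;  /* refuse rather than wrap */
    o->refcnt++;
    o->true_refs++;
    return true;
}

static void release_safe(css_obj_safe_t *o) {
    o->true_refs--;
    if (--o->refcnt == 0) o->freed = true;
}

/* Simulate one owner plus `extra` further holders, then a single holder
 * letting go. Returns true if the object was freed while holders remain. */
bool vuln_premature_free(size_t extra) {
    css_obj_t o = { 1, 1, false };             /* one initial owner */
    for (size_t i = 0; i < extra; i++) addref_vuln(&o);
    release_vuln(&o);                           /* one holder releases */
    return o.freed && o.true_refs > 0;          /* true for extra >= 65536 */
}

bool safe_premature_free(size_t extra) {
    css_obj_safe_t o = { 1, 1, false };
    for (size_t i = 0; i < extra; i++) addref_safe(&o);
    release_safe(&o);
    return o.freed && o.true_refs > 0;
}
```

With 65,536 extra holders the 16-bit counter reads 1 again, so the first release drops it to 0 and the object is freed with 65,536 references outstanding; the widened counter never reaches that state.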

Workaround

  • Disable JavaScript until a version containing these fixes can be installed.

Solutions

Firefox 3.x:
Upgrade to version 3.0.1.
http://www.mozilla.com/en-US/firefox/

Firefox 2.0.x:
Upgrade to version 2.0.0.16.
http://www.mozilla.com/en-US/firefox/all-older.html

SeaMonkey:
Upgrade to version 1.1.11.
http://www.seamonkey-project.org/

Thunderbird:
Upgrade to version 2.0.0.16.
http://www.mozilla.com/en-US/thunderbird/

Vendor Information

Mozilla
http://www.mozilla.org/security/announce/2008/mfsa2008-34.html

References

DVLabs
http://zdi.tippingpoint.com/advisories/ZDI-08-044/

IBM ISS
http://xforce.iss.net/xforce/xfdb/43167

Secunia
http://secunia.com/advisories/30761/

CVE Name
CVE-2008-2785

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003