Ravens PHP Scripts

Mozilla Firefox Javascript Garbage Collector Vulnerability
Date: Thursday, April 17, 2008 @ 20:12:50 PDT
Topic: Security


SECUNIA ADVISORY ID: SA29787

VERIFY ADVISORY: http://secunia.com/advisories/29787/

CRITICAL: Highly critical

IMPACT: DoS, System access

SOFTWARE: Mozilla Firefox 2.0.x http://secunia.com/product/12434/

DESCRIPTION: A vulnerability has been reported in Mozilla Firefox, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is reported in version 2.0.0.13. Prior versions may also be affected.



The vulnerability is caused due to an error in the Javascript Garbage Collector and can be exploited to cause a memory corruption via specially crafted Javascript code. Successful exploitation may allow execution of arbitrary code.

SOLUTION: Update to version 2.0.0.14. http://www.mozilla.com/en-US/firefox/

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: Mozilla Foundation: http://www.mozilla.org/security/announce/2008/mfsa2008-20.html






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3306