Skip to main content

Mozilla Firefox and Seamonkey Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 27 Mar 2009 5366 Views

RISK: Medium Risk

Two vulnerability has been identified in Mozilla Firefox and Seamonkey, which could be exploited by remote attackers to cause a denial of service or potentially compromise a vulnerable system.

1. A memory corruption error within the "txMozillaXSLTProcessor::TransformToDoc()" function when processing specially crafted XSLT Transforms, which could be exploited by attackers to crash an affected browser or potentially execute arbitrary code by tricking a user into visiting a specially crafted web page.

2. An error in the processing of the XUL tree method "_moveToEdgeShift()" which could be exploited by attackers to crash an affected browser or potentially execute arbitrary code by tricking a user into visiting a specially crafted web page.

Note: This vulnerability only affect Mozilla Firefox version 3.0.7 and prior.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Mozilla Firefox version 3.0.7 and prior
  • Mozilla SeaMonkey version 1.1.15 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link