Mozilla JavaScript Garbage Collector Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 18 Apr 2008 4492 Views

RISK: Medium Risk

A vulnerability has been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. This issue is caused by memory corruption errors in the JavaScript Garbage Collector when processing malformed data, which could be exploited by attackers to crash an affected application or execute arbitrary code.

Impact

Denial of Service
Remote Code Execution

System / Technologies affected

Mozilla Firefox versions prior to 2.0.0.14
Mozilla SeaMonkey versions prior to 1.1.10
Mozilla Thunderbird versions prior to 2.0.0.14

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Mozilla Firefox version 2.0.0.14 :
http://www.mozilla.com/firefox/
Upgrade to Mozilla Thunderbird version 2.0.0.14 :
http://www.mozilla.org/projects/thunderbird/
Upgrade to Mozilla SeaMonkey version 1.1.10 :
http://www.mozilla.org/projects/seamonkey/

Vulnerability Identifier

CVE-2008-1380

Source

Related Link

Share with

OpenOffice Multiple Vulnerabilities

18 Apr 2008 4566 Views

ICQ Personal Status Manager Vulnerability

22 Apr 2008 4444 Views