Written by Guido Landi
Wednesday, 25 March 2009 22:40
Mozilla Firefox XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability
Boundary Condition Error
Mar 25 2009 12:00AM
Mar 25 2009 04:26PM
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.6
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.2
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0
Mozilla Firefox is prone to a remote memory-corruption vulnerability.
An attacker can exploit this issue to execute arbitrary code within the context of the
affected browser. Failed exploit attempt will result in a denial-of-service condition.
An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious
file using the affected browser.
The following proof of concept is available:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or
if you are aware of more recent information, please mail us at:
http://www.mozilla.com/en-US (Mozilla Foundation)