Bugtraq: Re: iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error

From: dveditz () cruzio com
Date: Tue, 1 Mar 2005 08:17:05 GMT

Quoting iDEFENSE Labs <labs-no-reply () idefense com>:

iDEFENSE Labs have confirmed The Mozilla Organization's Mozilla 1.7.1 
and 1.7.3, as well as Firefox 0.10.1 are vulnerable to this
issue. A check on the source code for Firefox 1.0 suggests it is also
vulnerable. It is suspected that all previous versions of both browsers
are vulnerable.


Don't you mean 1.0.1 and not "0.10.1" as the vulnerable version of Firefox?


No, they meant 0.10.1, the Firefox Preview Release from last fall. Firefox 1.0.1
contains a fix (as will Mozilla 1.7.6) and has just been released.

-Dan Veditz
Mozilla Security
Group

By Date By Thread

Current thread:

iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error iDEFENSE Labs (Feb 28)
- Re: iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error Miles Beck (Feb 28)
- <Possible follow-ups>
- Re: iDEFENSE Security Advisory 02.28.05: Mozilla Firefox and Mozilla Browser Out Of Memory Heap Corruption Design Error dveditz (Mar 01)