FrSIRT - Mozilla Products Code Execution and Injection Vulnerabilities / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Mozilla Products Code Execution and Injection Vulnerabilities

Title : Mozilla Products Code Execution and Injection Vulnerabilities
Advisory ID : FrSIRT/ADV-2008-1873
CVE ID : CVE-2008-2785 - CVE-2008-2786 - CVE-2008-2933 - CVE-2008-3198
Rated as : Critical

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-06-19

Advisory Details

Description

Affected Products

Solution

References

Technical Description

Multiple vulnerabilities has been identified in Mozilla products, which could be exploited by remote attackers to compromise a vulnerable system.

The first issue is caused by an error in the internal CSSValue array data structure when processing an overly large number of references to a common CSS object, which could allow attackers to execute arbitrary code by tricking a user into visiting a malicious and specially crafted web page [...]

References

http://www.frsirt.com/english/advisories/2008/1873
http://dvlabs.tippingpoint.com/blog/2008/06/18/vulnerability-in-mozilla-firefox-30
http://www.mozilla.org/security/announce/2008/mfsa2008-34.html
http://www.mozilla.org/security/announce/2008/mfsa2008-35.html

Credits

Vulnerabilities reported by ZDI, Billy Rios, Ben Turner and Dan Veditz.

ChangeLog

2008-06-19 : Initial release
2008-07-16 : Updated Description and Solution

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Microsoft XML Core Services Multiple Remote Vulnerabilities (MS08-069)
	Microsoft Windows SMB Credential Reflection Vulnerability (MS08-068)
	Microsoft Windows Server Service Vulnerability (MS08-067)
	Microsoft Windows "afd.sys" Privilege Escalation Vulnerability (MS08-066)
	Microsoft Windows MSMQ Code Execution Vulnerability (MS08-065)
	Microsoft Windows VADs Privilege Escalation Vulnerability (MS08-064)
	Microsoft Windows SMB Code Execution Vulnerability (MS08-063)

	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox Shortcut Handlingg Information Disclosure Vulnerability
	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability

	Apple Safari Code Execution and Security Bypass Vulnerabilities
	Apple iLife and Aperture Image Handling Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple TV Multiple File Processing Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple iPhone Code Execution and Security Bypass Vulnerabilities
	Apple QuickTime Multiple Remote Code Execution Vulnerabilities