Fluid Attacks Database

Description

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel6	xulrunner	<0:1.9.2.14-3.el6_0	0:1.9.2.14-3.el6_0
rpm rhel5	xulrunner	<0:1.9.2.14-4.el5_6	0:1.9.2.14-4.el5_6
rpm rhel6	firefox	<0:3.6.14-4.el6_0	0:3.6.14-4.el6_0
rpm rhel5	firefox	<0:3.6.14-4.el5_6	0:3.6.14-4.el5_6

Aliases

1. CVE-2011-00582. NVD-2011-00583. OSV-2011-0058

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.