Threat Monitor
Troj.Exploit.JS.CVE-2010-3765.a
| Aliase: | |
|---|---|
| Pattern: | 201101171330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
|
Mozilla Firefox is prone to a remote heap buffer overflow vulnerability.
The vulnerability is caused due to an error when handling "document.write()" in combination with DOM insertions and can be exploited to cause a heap-based buffer overflow. The vulnerability can be triggered via RSS feeds if javaScript is enabled or via third party add-ons that enable browser-like functionality. By persuading a victim to visit a malicious web page, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected: Mozilla Firefox 3.6.x
Mozilla Firefox 3.5.x
Mozilla Thunderbird 3.1.x
Mozilla Thunderbird 3.0.x
Mozilla SeaMonkey < 2.0.10
The vulnerability is caused due to an error when handling "document.write()" in combination with DOM insertions and can be exploited to cause a heap-based buffer overflow. The vulnerability can be triggered via RSS feeds if javaScript is enabled or via third party add-ons that enable browser-like functionality. By persuading a victim to visit a malicious web page, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim.
Affected: Mozilla Firefox 3.6.x
Mozilla Firefox 3.5.x
Mozilla Thunderbird 3.1.x
Mozilla Thunderbird 3.0.x
Mozilla SeaMonkey < 2.0.10
