Уязвимость нарушения синхронизации в Mozilla Firefox, Netscape и K-Meleon, приводящая к DoS атаке и потенциальному выполнению произвольного кода
Описание
Уязвимость в браузере Mozilla Firefox версий 1.5.0.6 и более ранних позволяет злоумышленникам провести DoS атаку и, возможно, выполнить произвольный код. Это происходит через использование нескольких событий JavaScript, срабатывающих по таймеру, которые затем загружают глубоко вложенный XML файл. После этого браузер перенаправляется на другую страницу, что приводит к ошибке синхронизации и некорректному освобождению структур данных. Эта уязвимость была продемонстрирована с помощью сценариев "ffoxdie" и "ffoxdie3".
Затронутые версии ПО
- Mozilla Firefox версии 1.5.0.6 и более ранние
- Netscape версия 8.1
- K-Meleon версия 1.0.1
- Mozilla Firefox версии 2.0 RC2 и 1.5.0.7
Тип уязвимости
- DoS атака
- Возможное выполнение произвольного кода
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.6 High
CVSS2
Дефекты
Связанные уязвимости
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allow ...
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
Уязвимость браузера Firefox, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
7.6 High
CVSS2