Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
Data de publicação: 21 julho 2015
Schweregrad: : Medium
Identificador(es) CVE: : CVE-2009-2477
Data do informe: 21 julho 2015
Descrição
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1003625
Trend Micro Deep Security DPI Rule Name: 1003625 - Mozilla Firefox 3.5 Remote Buffer Overflow
Software infectado e versão:
- mozilla firefox 3.5