CSS Letter-Spacing Heap Overflow Vulnerability
Gravità: : Basso
Identificatori CVE: CVE-2006-1730
Data notifica: 11 febbraio 2011
Descrizione
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
Informazioni esposizione:
Fixed in: Firefox 1.5.0.2, Firefox 1.0.8, Thunderbird 1.5.0.2, Thunderbird 1.0.8, SeaMonkey 1.0.1, Mozilla Suite 1.7.13
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1000757
Trend Micro Deep Security DPI Rule Name: 1000757 - CSS Letter-Spacing Heap Overflow Vulnerability
Software e versione interessati:
- Mozilla Firefox 1.0
- Mozilla Firefox 1.0.1
- Mozilla Firefox 1.0.2
- Mozilla Firefox 1.0.3
- Mozilla Firefox 1.0.4
- Mozilla Firefox 1.0.5
- Mozilla Firefox 1.0.6
- Mozilla Firefox 1.0.7
- Mozilla Firefox 1.5
- Mozilla Firefox 1.5.0.1
- Mozilla Mozilla suite 1.7.10
- Mozilla Mozilla suite 1.7.11
- Mozilla Mozilla suite 1.7.12
- Mozilla Mozilla suite 1.7.6
- Mozilla Mozilla suite 1.7.7
- Mozilla Mozilla suite 1.7.8
- Mozilla SeaMonkey 1.0
- Mozilla Thunderbird 1.0
- Mozilla Thunderbird 1.0.1
- Mozilla Thunderbird 1.0.2
- Mozilla Thunderbird 1.0.3
- Mozilla Thunderbird 1.0.4
- Mozilla Thunderbird 1.0.5
- Mozilla Thunderbird 1.0.6
- Mozilla Thunderbird 1.0.7
- Mozilla Thunderbird 1.5
- Mozilla Thunderbird 1.5.0.1