Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
危険度: 中
CVE識別番号: CVE-2009-2477
情報公開日: 7 21, 2015
概要
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1003625
Trend Micro Deep Security DPI Rule Name: 1003625 - Mozilla Firefox 3.5 Remote Buffer Overflow
影響を受けるソフトウェア
- mozilla firefox 3.5