Gravedad: Crítico
  Identificadores de CVE : CVE-2008-2785
  Fecha recomendada: 15 de febrero de 2011

  Descripción

 Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.

  Revelación de la información

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  Soluciones

  Trend Micro Deep Security DPI Rule Number: 1002682
  Trend Micro Deep Security DPI Rule Name: 1002682 - Mozilla Firefox Code Execution Vulnerability

  Software y versión afectados

  • mozilla firefox 2.0
  • mozilla firefox 2.0.0.1
  • mozilla firefox 2.0.0.10
  • mozilla firefox 2.0.0.11
  • mozilla firefox 2.0.0.12
  • mozilla firefox 2.0.0.13
  • mozilla firefox 2.0.0.14
  • mozilla firefox 2.0.0.15
  • mozilla firefox 2.0.0.2
  • mozilla firefox 2.0.0.3
  • mozilla firefox 2.0.0.4
  • mozilla firefox 2.0.0.5
  • mozilla firefox 2.0.0.6
  • mozilla firefox 2.0.0.7
  • mozilla firefox 2.0.0.8
  • mozilla firefox 2.0.0.9
  • mozilla firefox 3.0
  • mozilla seamonkey 1.0
  • mozilla seamonkey 1.0.1
  • mozilla seamonkey 1.0.2
  • mozilla seamonkey 1.0.3
  • mozilla seamonkey 1.0.4
  • mozilla seamonkey 1.0.5
  • mozilla seamonkey 1.0.6
  • mozilla seamonkey 1.0.7
  • mozilla seamonkey 1.0.8
  • mozilla seamonkey 1.0.9
  • mozilla seamonkey 1.1
  • mozilla seamonkey 1.1.1
  • mozilla seamonkey 1.1.10
  • mozilla seamonkey 1.1.2
  • mozilla seamonkey 1.1.3
  • mozilla seamonkey 1.1.4
  • mozilla seamonkey 1.1.5
  • mozilla seamonkey 1.1.6
  • mozilla seamonkey 1.1.7
  • mozilla seamonkey 1.1.8
  • mozilla seamonkey 1.1.9
  • mozilla thunderbird 0.1
  • mozilla thunderbird 0.2
  • mozilla thunderbird 0.3
  • mozilla thunderbird 0.4
  • mozilla thunderbird 0.5
  • mozilla thunderbird 0.6
  • mozilla thunderbird 0.7
  • mozilla thunderbird 0.8
  • mozilla thunderbird 0.9
  • mozilla thunderbird 1.0
  • mozilla thunderbird 1.0.2
  • mozilla thunderbird 1.0.5
  • mozilla thunderbird 1.0.6
  • mozilla thunderbird 1.0.7
  • mozilla thunderbird 1.0.8
  • mozilla thunderbird 1.5
  • mozilla thunderbird 1.5.0.10
  • mozilla thunderbird 1.5.0.12
  • mozilla thunderbird 1.5.0.13
  • mozilla thunderbird 1.5.0.14
  • mozilla thunderbird 1.5.0.2
  • mozilla thunderbird 1.5.0.4
  • mozilla thunderbird 1.5.0.5
  • mozilla thunderbird 1.5.0.7
  • mozilla thunderbird 1.5.0.8
  • mozilla thunderbird 1.5.0.9
  • mozilla thunderbird 2.0.0.0
  • mozilla thunderbird 2.0.0.12
  • mozilla thunderbird 2.0.0.14
  • mozilla thunderbird 2.0.0.4
  • mozilla thunderbird 2.0.0.5
  • mozilla thunderbird 2.0.0.6
  • mozilla thunderbird 2.0.0.9