Mozilla Firefox and SeaMonkey text run build Memory Corruption Vulnerability

Release date:
Updated on:

Affected Systems:
Mozilla Firefox 3.6.x
Ubuntu Linux 9.10 amd64
Ubuntu Linux 8.04 LTS s
Ubuntu Linux 8.04 LTS p
Ubuntu Linux 8.04 LTS l
Ubuntu Linux 8.04 LTS I
Ubuntu Linux 8.04 LTS
Ubuntu Linux 10.10 powe
Ubuntu Linux 10.10 i386
Ubuntu Linux 10.10 ARM
Ubuntu Linux 10.10 amd6
Ubuntu Linux 10.04 spar
Ubuntu Linux 10.04 powe
Ubuntu Linux 10.04 i386
Ubuntu Linux 10.04 ARM
Ubuntu Linux 10.04 amd6
Ubuntu Linux 9.10 powerpc
Ubuntu Linux 9.10 lpia
Ubuntu Linux 9.10 i386
Ubuntu Linux 9.10 ARM
Ubuntu Linux 9.10
Mozilla SeaMonkey 2.0.x
Unaffected system:
Mozilla Firefox 3.6.14
Mozilla Firefox 3.5.17
Mozilla SeaMonkey 2.0.12
Description:
--------------------------------------------------------------------------------
Bugtraq id: 46660
Cve id: CVE-2011-0058

Firefox is a very popular open-source WEB browser. SeaMonkey is an open-source Web browser, mail and newsgroup client, IRC session client, and HTML editor.

Mozilla Firefox and SeaMonkey have implementation vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary code in the affected applications, resulting in DOS.

When an excessively long string is inserted into an HTML document, the browser will incorrectly construct the layout object used to display the text. In this case, the text Running length is incorrectly calculated, resulting in a memory buffer allocated to the text storage. Attackers can exploit this vulnerability to write data at the end of the buffer to execute malicious code.

<* Source: Alex Miller

Link: http://www.mozilla.org/security/announce/2011/mfsa2011-07.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.mozilla.org/