Mozilla Firefox and Thunderbird JPEG image Decoding Buffer Overflow Vulnerability

Release date:
Updated on:

Affected Systems:
Mozilla Firefox 3.6.x
Mozilla Thunderbird <= 3.1.7
Ubuntu Linux 9.10 amd64
Ubuntu Linux 8.04 LTS s
Ubuntu Linux 8.04 LTS p
Ubuntu Linux 8.04 LTS l
Ubuntu Linux 8.04 LTS I
Ubuntu Linux 8.04 LTS
Ubuntu Linux 10.10 powe
Ubuntu Linux 10.10 i386
Ubuntu Linux 10.10 ARM
Ubuntu Linux 10.10 amd6
Ubuntu Linux 10.04 spar
Ubuntu Linux 10.04 powe
Ubuntu Linux 10.04 i386
Ubuntu Linux 10.04 ARM
Ubuntu Linux 10.04 amd6
Ubuntu Linux 9.10 powerpc
Ubuntu Linux 9.10 lpia
Ubuntu Linux 9.10 i386
Ubuntu Linux 9.10 ARM
Ubuntu Linux 9.10
Unaffected system:
Mozilla Firefox 3.6.14
Mozilla Thunderbird 3.1.8
Description:
--------------------------------------------------------------------------------
Bugtraq id: 46651
Cve id: CVE-2011-0061

Firefox is a very popular open-source WEB browser. Thunderbird is a mail client that supports IMAP, POP protocol, and HTML format.

Mozilla Firefox and Thunderbird have a vulnerability in processing specially crafted JPEG images. Attackers can exploit this vulnerability to execute arbitrary code in affected applications to cause DOS.

<* Source: Jordi Chancel

Link: http://www.mozilla.org/security/announce/2011/mfsa2011-09.html
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.mozilla.org/