‫ Mozilla Firefox Multiple Vulnerabilities

IRCAD2011041174
ID:IRCAD2011041174
Release Date: 2011-04-29
Criticality level: Highly critical
Software:
Mozilla Firefox 4.0.x
 
Description:
Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.
 
1) Multiple errors in the browser engine can be exploited to corrupt memory and potentially
xecute arbitrary code.
 
2) An error in the WebGLES library when loading a shader can be exploited to cause a buffer overflow and execute arbitrary code.
 
3) An off-by-three error in libGLESv2 can be exploited to corrupt memory and execute arbitrary code.
 
NOTE: Additionally, a weakness exists within the "generate-id()" XPath function (libxslt), which can be exploited to disclose certain addresses from the heap.
 
The vulnerabilities are reported in versions prior to 4.0.1.
 
Solution:
Update to version 4.0.1.
 
References:
 
Secunia:
http://secunia.com/advisories/44406/

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 1 فروردین 1388

امتیاز

امتیاز شما
تعداد امتیازها:0