SAINT Corporation, SAINT:54B86D8A0C9F73367AA3934B5C266E35

Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access

2012-05-21 00:00:00
SAINT Corporation
download.saintcorporation.com

CVSS2: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.954
Percentile: 99.4%

Added: 05/21/2012
CVE: CVE-2011-3658
BID: 51138
OSVDB: 77953

Background

Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS.

Problem

A flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access and possible remote code execution if SVG elements are removed during a **DOMAttrModified** event handler.

Resolution

Upgrade to Firefox 9.0 or higher.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-056/>
<https://bugzilla.mozilla.org/show_bug.cgi?id=708186>

Limitations

This exploit has been tested on Mozilla Foundation Firefox 7.0.1 and 8.0.1 on Windows XP SP3 English (DEP OptIn).

The user must load the exploit page in Firefox.

Platforms

Windows XP
