Lucene search
RegenrechtZDI-10-047HistoryApr 02, 2010 - 12:00 a.m.
Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability
2010-04-0200:00:00
regenrecht
www.zerodayinitiative.com
21
EPSS
0.072
Percentile
94.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libpr0n library which is responsible for handling image caching and animation and is due to the way the application handles animations received from the server via the multipart/x-mixed-replace mimetype. During a case where the bits-per-pixel changes, the application will free a pointer and then can be made to reuse the freed pointer later. This can lead to code execution under the context of the application.
Related
cvelist
cvelist
CVE-2010-0164
2010-03-25 20:31:00
securityvulns
securityvulns
nvd
nvd
CVE-2010-0164
2010-03-25 21:00:00
prion
prion
Design/Logic Flaw
2010-03-25 21:00:00
mozilla
mozilla
Deleted frame reuse in multipart/x-mixed-replace image — Mozilla
2010-03-23 00:00:00
seebug
seebug
Mozilla Firefox 3.6 libpr0n库远程代码执行漏洞
2010-03-24 00:00:00
ubuntucve
ubuntucve
CVE-2010-0164
2010-03-25 00:00:00
cve
cve
CVE-2010-0164
2010-03-25 21:00:00
openvas
openvas
Firefox Multiple Vulnerabilities (Mar 2010) - Windows
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Linux)
2010-03-30 00:00:00
Firefox Multiple Vulnerabilities Mar-10 (Windows)
2010-03-30 00:00:00
nessus
nessus
Mozilla Firefox < 3.6.2 Multiple Vulnerabilities.
2010-03-23 00:00:00
Firefox 3.6.x < 3.6.2 Multiple Vulnerabilities
2010-03-23 00:00:00
Mandriva Linux Security Advisory : firefox (MDVSA-2010:070-1)
2010-04-14 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00