Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mozilla Firefox Multiple Memory Corruption Vulnerabilities Nov-09 (Linux)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with Mozilla Firefox and is prone to multiple memory vorruption vulnerabilities.
Insight
Insight
- An error exists when creating JavaScript web-workers recursively that can be exploited to trigger the use of freed memory. - An error in the embedded 'liboggz' or 'libvorbis' library that can be exploited to cause a crash. - An error exists in the 'oggplay_data_handle_theora_frame' function in media/liboggplay/src/liboggplay/oggplay_data.c in 'liboggplay' library that can be exploited to cause a crash.
Affected Software
Affected Software
Firefox version 3.5 before 3.5.4 on Linux.
Solution
Solution
Upgrade to Firefox version 3.5.4.