CVE-2008-0017 Information
Description
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4 Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header which triggers memory corruption and a buffer overflow.
Reference
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00004.html http://secunia.com/advisories/32684 http://secunia.com/advisories/32693 http://secunia.com/advisories/32694 http://secunia.com/advisories/32695 http://secunia.com/advisories/32713 http://secunia.com/advisories/32714 http://secunia.com/advisories/32721 http://secunia.com/advisories/32778 http://secunia.com/advisories/32845 http://secunia.com/advisories/32853 http://secunia.com/advisories/33433 http://secunia.com/advisories/34501 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://ubuntu.com/usn/usn-667-1 http://www.debian.org/security/2008/dsa-1669 http://www.debian.org/security/2008/dsa-1671 http://www.debian.org/security/2009/dsa-1697 http://www.iss.net/threats/311.html http://www.mandriva.com/security/advisories?name=MDVSA-2008:228 http://www.mandriva.com/security/advisories?name=MDVSA-2008:230 http://www.mozilla.org/security/announce/2008/mfsa2008-54.html http://www.redhat.com/support/errata/RHSA-2008-0977.html http://www.redhat.com/support/errata/RHSA-2008-0978.html http://www.securityfocus.com/bid/32281 http://www.securitytracker.com/id?1021185 http://www.us-cert.gov/cas/techalerts/TA08-319A.html http://www.vupen.com/english/advisories/2008/3146 http://www.vupen.com/english/advisories/2009/0977 https://bugzilla.mozilla.org/show_bug.cgi?id=443299 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11005 https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00366.html https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00385.html
Share on: