Firefox 1.0.7 IFRAME Float Stack Overflow


Release Date:
October 5, 2005


Date Reported:
August 8, 2005


Severity:
Medium


Vendor:
Mozilla Foundation


Versions Affected:
Firefox 1.0.7 Linux


Overview:
A stack overflow vulnerability exists within Firefox 1.0.7 and all prior versions for linux which may allow for an attacker to execute arbitrary code on a targeted host.


Technical Details:
The issue is when an IFRAME has the width of 33333333, this causes Firefox to crash.


The following code below will reproduce this issue:


IFRAME WIDTH=33333333 >


Vendor Status:
Mozilla is currently working on a patch.


Discovered by:
Tom Ferris


Related Links:
http://security-protocols.com/poc/sp-x19-poc.html


Copyright (c) 2005 Security-Protocols, LLC

• Search

  
  
  

• Categories

  • Advisories
  • Affiliate Marketing
  • Apple
  • Books
  • Encryption
  • Flaws
  • Fuzzers
  • Gadgets
  • Humor
  • iPhone
  • Link Development
  • Microsoft
  • Misc
  • News
  • Off Topic
  • Photos
  • Reversing
  • Search Engines
  • Search Marketing
  • Security
  • SEO
  • Speedlinking
  • Tools
• 
  
  

  Archives

  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006

• Meta

  • Log in
  • RSS 2.0
  
  
• 
  

  Blogroll

  
  Ladera Ranch Photography
  Invenio Security
  
  
  

Security-Protocols, LLC 2000 - 2008