News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
May 21, 2013, 22:31:55
linktree cexx.org - Support Forums  >  Everything Else  >  General Discussion
linktree Topic: Vuln found in Mozilla (v1.7.3) - Fix available
Pages: [1]   Go Down
« previous next »
  Print  
Topic: Vuln found in Mozilla (v1.7.3) - Fix available  (Read 839 times)
0 Members and 1 Guest are viewing this topic.
« on: January 03, 2005, 20:56:32 »
AplusWebMaster Offline
Global Moderator WWW
Karma: 501
Posts: 7319
FYI...

- http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1037799,00.html
"An attacker could use a fresh vulnerability in Mozilla to cause a heap-based buffer overflow and launch malicious code, according to two security organizations. Users are advised to update to version 1.7.5...Secunia said the problem is caused by "a boundary error in the 'MSG_UnEscapeSearchUrl()' function in 'nsNNTPProtocol.cpp' when processing NNTP URIs." This can be exploited by a malicious Web site to cause a heap-based buffer overflow when referencing a specially crafted, overly long "news://" URI, the firm said. A successful attacker could use the exploit to transmit malicious code. The vulnerability has been reported in version 1.7.3 and prior, but is fixed in version 1.7.5.

- http://secunia.com/advisories/13687/
   2005-01-03
Solution:
Update to version 1.7.5
>>> http://www.mozilla.org/download/
Logged
This machine has no brain.
....... Use your own.
Browser check for updates here.
.
 
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines Page created in 0.126 seconds with 19 queries.