Release DateDec 15, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems.Denial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a memory corruption vulnerability in Mozilla Firefox web browser.The vulnerability is caused by an error when the vulnerable software handles a specially crafted first letter frame. It allows a remote attacker to execute arbitrary code or cause a denial of service. |
Affected ProductsMozilla Firefox 3.5.3 and previous versions |
Recommended ActionsUpdate to the latest versions:http://www.firefox.com/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-3382 |
Reference/shttp://www.securityfocus.com/bid/36843 (BugTraq)https://bugzilla.mozilla.org/show_bug.cgi?id=514960 |
