Release DateJan 05, 2010 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a code-execution vulnerability in Mozilla Firefox.The vulnerability is caused by an error when the vulnerable software handles malformed data in TreeColumns. It allows a remote attacker to execute arbitrary code via sending a crafted web page. |
Affected ProductsMozilla Firefox before 3.0.14, and 3.5.x before 3.5.3 |
Recommended ActionsUpgrade to version 3.0.14 or 3.5.3. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-3077 |
Reference/shttp://www.mozilla.org/security/announce/2009/mfsa2009-49.htmlhttp://www.frsirt.com/english/advisories/2009/2585 (FrSIRT) |
