Release DateAug 18, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems.Denial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a memory corruption vulnerability in Mozilla Firefox.The vulnerability is caused by an error when the vulnerable software handles a specially crafted webpage. It allows a remote attacker to execute arbitrary code. |
Affected ProductsMozilla Firefox 3.0.10 and prior |
Recommended ActionsUpgrade to Mozilla Firefox version 3.0.11:http://www.mozilla.com/firefox/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-1392 |
Reference/shttp://www.securityfocus.com/bid/35326 (BugTraq)http://www.frsirt.com/english/advisories/2009/1572 (FrSIRT) https://bugzilla.mozilla.org/show_bug.cgi?id=429969 |
