Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

UTF-8 URL stack buffer overflow

Related Vulnerabilities: CVE-2008-0016  

Source

Mozilla Foundation Security Advisory 2008-37

UTF-8 URL stack buffer overflow

Announced
September 23, 2008
Reporter
Justin Schuh, Tom Cross, Peter William
Impact
Critical
Products
Firefox, SeaMonkey, Thunderbird
Fixed in
  • Firefox 2.0.0.17
  • SeaMonkey 1.1.12
  • Thunderbird 2.0.0.17

Description

Justin Schuh and Tom Cross of the IBM X-Force and Peter Williams of IBM Watson Labs reported errors in Mozilla URL parsing routines. These errors could be exploited using a specially crafted UTF-8 URL in a hyperlink which could overflow a stack buffer and allow an attacker to execute arbitrary code.

Firefox 3 is not affected by this issue

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started