The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x prior to 3.0.4, Firefox 2.x prior to 2.0.0.18, and SeaMonkey 1.x prior to 1.1.13 does not check for an allocation failure, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP index response with a crafted 200 header, which triggers memory corruption and a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |
||
mozilla seamonkey |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 7.10 |
||
canonical ubuntu linux 6.06 |
||
debian debian linux 4.0 |
||
debian debian linux 5.0 |