Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote malicious users to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla firefox 3.0.3 |
||
mozilla firefox 3.0.13 |
||
mozilla firefox 3.0.16 |
||
mozilla firefox 3.0.9 |
||
mozilla firefox 3.0.10 |
||
mozilla firefox 3.0.17 |
||
mozilla firefox 3.0.4 |
||
mozilla firefox 3.0.12 |
||
mozilla firefox 3.0.15 |
||
mozilla firefox 3.5 |
||
mozilla firefox 3.0.14 |
||
mozilla firefox 3.0.7 |
||
mozilla firefox 3.0.5 |
||
mozilla firefox 3.0.2 |
||
mozilla firefox 3.5.1 |
||
mozilla firefox 3.0.1 |
||
mozilla firefox 3.0.6 |
||
mozilla firefox 3.0.11 |
||
mozilla firefox 3.0.8 |
Vulmon