[SA32040] Mozilla Firefox "keypress" User Interface Event Dispatching Weakness

SecuToolBox : Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP + Aircrack + Ubiquiti (MadWifi) 530 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner

[Message Precedent sur la mailing][Message Suivant sur la mailing][Precedent dans le fil][Prochain dans le fil][Index par Date][Index par fil] [SA32040] Mozilla Firefox "keypress" User Interface Event Dispatching Weakness

Do you need accurate and reliable IDS / IPS / AV detection rules? Get in-depth vulnerability details: link://[click]

TITLE: Mozilla Firefox "keypress" User Interface Event Dispatching Weakness

SECUNIA ADVISORY ID: SA32040

VERIFY ADVISORY: link://[click]

CRITICAL: Not critical

IMPACT: DoS

WHERE: From remote SOFTWARE: Mozilla Firefox 3.x link://[click]

DESCRIPTION: Aditya K Sood has discovered a weakness in Mozilla Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an error when dispatching "keypress" user interface events with e.g. the HTML root element as target. This may potentially result in use of invalid memory or memory corruption via a specially crafted web page.

Successful exploitation crashes the browser. However, even though code execution has not been proven, it can't be completely ruled out.

The weakness is confirmed in version 3.0.3 for Windows. Version 2.x is not affected.

NOTE: Secunia normally does not classify a browser crash as a vulnerability nor issue an advisory about it. However, the potential impact of this issue may be more severe than currently believed.

SOLUTION: The weakness is fixed in the pre-release nightly builds of 3.1 and will be fixed in the upcoming version 3.0.4.

PROVIDED AND/OR DISCOVERED BY: Reported as a NULL-pointer dereference crash by Aditya K Sood.

Additional information provided by Secunia Research.

ORIGINAL ADVISORY: link://[click]

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: link://[click]

Definitions: (Criticality, Where etc.) link://[click]

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link.

Secunia NEVER sends attached files with advisories.

Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Precedent par Date: [SA32065] EC-CUBE Multiple Vulnerabilities
Suivant par Date: [SA32064] Xen XenStore Domain Backend Configuration Weakness
Precedent par fil : [SA32065] EC-CUBE Multiple Vulnerabilities
Suivant par fil : [SA32064] Xen XenStore Domain Backend Configuration Weakness
Index(s):
- Date
- Fil

Archives de la liste de diffusion Secunia
Archives de la liste de diffusion BugTraq
Archives de la liste de diffusion DailyDave
Archives de la liste de diffusion FunSec
Archives de la liste de diffusion Full Disclosure
Archives de la liste de diffusion Focus-IDS (FD)
Archives de la liste de diffusion Webappsec (FD)
Archives de la liste de diffusion Security-basics (FD)
Archives de la liste de diffusion Vulndiscuss
Archives de la liste de diffusion Vulnwatch

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, réseau, vulnérabilité, système, attaque, microsoft, virus, audit, internet, présentation, fonction, données, linux, outil, bluetooth, shell, gestion, vista, trames, wishmaster, sysun, paquets, metasploit, téléphone, engineering, fonctions + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA32774 Citrix XenServer Ext2/Ext3 Processing Security Bypass Vulnerability - SA32761 No-IP Linux Dynamic Update Client Buffer Overflow Vulnerability - SA32778 Ubuntu update for firefox, firefox-3.0, and xulrunner-1.9 - SA32659 E-topbiz Link Back Checker auth Cookie Security Bypass - SA32745 Free Directory Script API_HOME_DIR File Inclusion Vulnerability + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fredrick Diggle Security is looking for a few good men (or mediocre women) - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Re: Full-disclosure Fwd: Three London hospitals have been forced to shut down their entire computer systems for at least 24 hours after being hit by a virus - Full-disclosure MDVSA-2008:220-1 kernel + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- MDVSA-2008:220-1 kernel - Re: Re: Re: Re: Opera 9.6x file:// overflow - Re: MDVSA-2008:232 dovecot - Re: Re: Re: Re: Opera 9.6x file:// overflow - MDVSA-2008:232 dovecot + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, biometric, lockpicking, wimax, password, kernel, malware, spammer, windows, iphone, symantec, phish, knoppix, adware, security, botnet, linux, tutorial, cryptography, internet, attack, wireshark, server, virtual, metasploit, intel, openbsd, hitbsecconf2006, protect, jailbreak, norton, ubuntu, rootkit, exploit, samsung, hijackthis, screen, ettercap, fingerprint, vista, flash, drive + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, windows, vulnérabilité, network, google, vulnerability, hacker, attack, inject, remote, mobile, server, exploit, apple, internet, iphone, black, yahoo, sécurité, malware, vista, intel, patch, crypt, drive, access, protect, virtual, laptop, linux, source, biometric, research, ebook, business, virus, office, phish, adobe, chine, facebook, opera, flash, wireless + de mots clés avec l'annuaire de la revue de presse