Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
BID:29984
Info
Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
| Bugtraq ID: | 29984 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 27 2008 12:00AM |
| Updated: | Jun 27 2008 11:40PM |
| Credit: | Beenu Arora |
| Vulnerable: |
Mozilla Firefox 3.0 Beta 5 Mozilla Firefox 3.0 |
| Not Vulnerable: | |
Discussion
Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
Mozilla Firefox is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.
This issue affects Firefox 3 running on Ubuntu Linux 8.04; other versions running on different platforms may also be affected.
Mozilla Firefox is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.
This issue affects Firefox 3 running on Ubuntu Linux 8.04; other versions running on different platforms may also be affected.
Exploit / POC
Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
Attackers can exploit this issue by enticing an unsuspecting victim to view a malicious JPEG file.
The following example JPEG file is available:
Attackers can exploit this issue by enticing an unsuspecting victim to view a malicious JPEG file.
The following example JPEG file is available:
Solution / Fix
Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Mozilla Firefox Malformed JPEG File Denial of Service Vulnerability
References:
References:
- Mozilla Homepage (Mozilla Foundation)