Articles récents

Catégories

juin 2011

icon_firefox[CVE 2011-2377] Memory corruption due to multipart/x-mixed-replace images

Memory corruption due to multipart/x-mixed-replace images Announced: June 21, 2011 Reporter: Jordi Chancel Impact: Critical Products: Firefox, SeaMonkey, Thunderbird Fixed in: Firefox 3.6.18 – Firefox 5 – SeaMonkey 2.2 – Thunderbird 3.1.11 Description Security researcher Jordi Chancel reported a crash on multipart/x-mixed-replace images due to memory corruption. CVE Description Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a