Mozilla Firefox UTF-8 URL buffer overflow

Added: 12/31/2008
CVE: CVE-2008-0016
BID: 31397
OSVDB: 48780

Background

Mozilla is a suite of Internet client products available for multiple platforms.

Problem

A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL.

Resolution

Upgrade to Mozilla Firefox 2.0.0.17 or higher.

References

http://www.mozilla.org/security/announce/2008/mfsa2008-37.html

Limitations

Exploit works on Mozilla Firefox 2.0.0.16 and requires a user to load the exploit page in Mozilla Firefox.

Platforms

Windows
Linux
Mac OS

Back to exploit index