Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006
CVE: CVE-2006-0295
BID: 16476
OSVDB: 22893

Background

Mozilla is a suite of Internet client products available for multiple platforms.

Problem

A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution.

Resolution

Upgrade to the latest version of Firefox, Thunderbird, or SeaMonkey.

References

http://www.mozilla.org/security/announce/mfsa2006-04.html

Limitations

Exploit works on Firefox 1.5. This exploit requires a user on the target system to follow a link to the exploit using Firefox. Due to the amount of memory required, there may be a delay before the exploit succeeds. Exploit does not work on targets where Security Enhanced Linux is enabled.

Platforms

Windows
Linux

Back to exploit index