Firefox 2.0.0.3 Out-of-bounds memory access via specialy crafted html file

2007.05.17

Credit: carl hardwick

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2007-2671

CWE: N/A

CVSS Base Score: 7.1/10

Impact Subscore: 6.9/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: None

Integrity impact: None

Availability impact: Complete

Product: Firefox 2.0.0.3
Description: Out-of-bounds memory access via specialy crafted html file
Type: Remote
Vulnerability can be exploited by using a large value in a href tag to
create an out-of-bounds memory access.
Proof Of Concept exploit:
http://www.critical.lt/research/opera_die_happy.html

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Firefox 2.0.0.3 Out-of-bounds memory access via specialy crafted html file

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.