ID de Prueba:	1.3.6.1.4.1.25623.1.0.800848
Categoría:	Denial of Service
Título:	Mozilla Products 'select()' Denial Of Service Vulnerability - Windows
Resumen:	Mozilla Firefox/Seamonkey/Thunderbird is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Mozilla Firefox/Seamonkey/Thunderbird is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: A null pointer dereference error occurs while calling the 'select' method with a large integer, that results in continuous allocation of x+n bytes of memory exhausting memory after a while. Vulnerability Impact: Successful exploitation will let attackers to cause application crash by consuming the memory. Affected Software/OS: Seamonkey version prior to 1.1.17 Thunderbird version 2.0.0.22 and prior Firefox version before 2.0.0.19 and 3.x before 3.0.5 on Windows. Solution: Upgrade to Firefox version 2.0.0.19 or 3.0.5 or later Upgrade to Seamonkey version 1.1.17 or later Apply patch for Thunderbird through above mozilla engine update. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2535 Bugtraq: 20090715 Re: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504989/100/0/threaded Bugtraq: 20090715 Re:[GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504988/100/0/threaded Bugtraq: 20090715 [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/504969/100/0/threaded Bugtraq: 20090716 Re[2]: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3.... (Google Search) http://www.securityfocus.com/archive/1/505006/100/0/threaded http://www.exploit-db.com/exploits/9160 http://www.g-sec.lu/one-bug-to-rule-them-all.html https://bugzilla.mozilla.org/show_bug.cgi?id=460713 Common Vulnerability Exposure (CVE) ID: CVE-2009-1692 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html BugTraq ID: 35414 http://www.securityfocus.com/bid/35414 BugTraq ID: 35446 http://www.securityfocus.com/bid/35446 Debian Security Information: DSA-1950 (Google Search) http://www.debian.org/security/2009/dsa-1950 https://www.exploit-db.com/exploits/9160 https://bugs.webkit.org/show_bug.cgi?id=23319 http://osvdb.org/55242 http://secunia.com/advisories/36977 http://secunia.com/advisories/37746 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2009/1621 http://www.vupen.com/english/advisories/2011/0212
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.