Mozilla Firefox XSL Parsing ‘root’ XML Tag Remote Memory Corruption Vulnerability

March 26, 2009 – 10:26 AM

Mozilla Firefox is prone to a remote memory-corruption vulnerability.

An attacker can exploit this issue to execute arbitrary code within the context of the affected browser. Failed exploit attempt will result in a denial-of-service condition.

The following proof of concept is available:

http://www.securityfocus.com/data/vulnerabilities/exploits/2009-ffox-poc.tar.gz

  1. One Response to “Mozilla Firefox XSL Parsing ‘root’ XML Tag Remote Memory Corruption Vulnerability”

  2. Firefox 3.0.8 has been released and fixes this issue.

    By manunkind on Mar 27, 2009

You must be logged in to post a comment.