Уязвимость при обработке целочисленных типов

Критичная (9.3)

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

HP

Mozilla (2.0.0.11) SeaMonkey (1.0 Alpha, 1.0 Beta) Thunderbird (1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.5 Beta, 1.0.6, 1.0.7, 1.0.8, 1.1, 1.5, 1.5 Beta 2, 1.5.0.1, 1.5.0.2)

Переполнение при обработке целочисленных типов в Mozilla Firefox, Thunderbird, Mozilla Suite и SeaMonkey позволяет злоумышленникам, действующим удаленно, выполнять произвольный код, используя большие числа в свойстве CSS 'letter-spacing', что приводит к переполнению буфера в динамической памяти.

Для устранения уязвимости необходимо установить последнюю версию продукта, соответствующую используемой платформе. Необходимую информацию можно получить по адресу:
http://www.mozilla.org/

http://www.mozilla.org/security/announce/2006/mfsa2006-22.html
BUGTRAQ (20060415 ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability): http://www.securityfocus.com/archive/1/archive/1/431060/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-06-010.html
REDHAT (RHSA-2006:0328): http://www.redhat.com/support/errata/RHSA-2006-0328.html
CERT-VN (VU#179014): http://www.kb.cert.org/vuls/id/179014
BID (17516): http://www.securityfocus.com/bid/17516
FRSIRT (ADV-2006-1356): http://www.frsirt.com/english/advisories/2006/1356
SECTRACK (1015915): http://securitytracker.com/id?1015915
SECTRACK (1015916): http://securitytracker.com/id?1015916
SECTRACK (1015917): http://securitytracker.com/id?1015917
SECTRACK (1015918): http://securitytracker.com/id?1015918
CERT (TA06-107A): http://www.us-cert.gov/cas/techalerts/TA06-107A.html
DEBIAN (DSA-1044): http://www.debian.org/security/2006/dsa-1044
GENTOO (GLSA-200604-12): http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
MANDRIVA (MDKSA-2006:075): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:075
MANDRIVA (MDKSA-2006:076): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:076
MANDRIVA (MDKSA-2006:078): http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:078
DEBIAN (DSA-1046): http://www.debian.org/security/2006/dsa-1046
GENTOO (GLSA-200604-18): http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
UBUNTU (USN-275-1): http://www.ubuntulinux.org/support/documentation/usn/usn-275-1
SGI (20060404-01-U): ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc
SUSE (SUSE-SA:2006:022): http://www.novell.com/linux/security/advisories/2006_04_25.html
DEBIAN (DSA-1051): http://www.debian.org/security/2006/dsa-1051
UBUNTU (USN-276-1): http://www.ubuntulinux.org/support/documentation/usn/usn-276-1
FEDORA (FEDORA-2006-410): http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
FEDORA (FEDORA-2006-411): http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
SUSE (SUSE-SA:2006:021): http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
UBUNTU (USN-271-1): http://www.ubuntulinux.org/support/documentation/usn/usn-271-1
GENTOO (GLSA-200605-09): http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
HP (HPSBTU02118): http://www.securityfocus.com/archive/1/archive/1/434524/100/0/threaded
REDHAT (RHSA-2006:0329): http://www.redhat.com/support/errata/RHSA-2006-0329.html
REDHAT (RHSA-2006:0330): http://www.redhat.com/support/errata/RHSA-2006-0330.html
FEDORA (FLSA:189137-1): http://www.securityfocus.com/archive/1/archive/1/436296/100/0/threaded
FEDORA (FLSA:189137-2): http://www.securityfocus.com/archive/1/archive/1/436338/100/0/threaded
HP (HPSBUX02122): http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded
SCO (SCOSA-2006.26): ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt
SUNALERT (102550): http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
FRSIRT (ADV-2006-3391): http://www.frsirt.com/english/advisories/2006/3391
HP (HPSBUX02153): http://www.securityfocus.com/archive/1/archive/1/446658/100/200/threaded
HP (HPSBUX02156): http://www.securityfocus.com/archive/1/archive/1/446657/100/200/threaded
http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
OVAL (oval:org.mitre.oval:def:1614): http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1614
XF (mozilla-css-letterspacing-overflow(25826)): http://xforce.iss.net/xforce/xfdb/25826