|
|||
Rule General Information |
---|
Release Date: | 2016-10-20 | |
Rule Name: | Mozilla Firefox XSL Transformation Memory Corruption Vulnerability -3 (CVE-2009-1169) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform. | |
Impact: | An attacker can execute arbitrary code in the context of the vulnerable system. Failed exploit may cause denial-of-service attack. | |
Affected OS: | Windows, Solaris, Other Unix, FreeBSD, Linux | |
Reference: | SecurityFocusBID:34235 ExploitDB:8285 http://blogs.zdnet.com/security/?p=3013 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html |
|
Solutions |
---|
Upgrade to version 2.0 8 to solve the problem. |