Unicode 関係でスタックバッファオーバフローみたいです。PoC は milw0rm にあるようです。
SANS Internet Storm Center http://isc.sans.org/diary.html?storyid=6829
> Vulnerability in FireFox 3.5.1 confirmed, exploit PoC, no patch
SecurityFocus http://www.securityfocus.com/bid/35707
> Mozilla Firefox 3.5 Unicode Data Remote Stack Buffer Overflow Vulnerability
National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2479
> National Vulnerability Database (CVE-2009-2479)
(Snip)
> Overview
>
> Stack-based buffer overflow in Mozilla Firefox 3.5 allows remote attackers
> to cause a denial of service (application crash) or possibly have unspecified
> other impact via a long Unicode string argument to the write method.
> Impact
> CVSS Severity (version 2.0):
> CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)
> Impact Subscore: 10.0
> Exploitability Subscore: 10.0
(Snip)
うーむ、CVSS v2 Base Score が、10.0 ・・・・・・。Max ですか、誤植、じゃないですよね。
テストマシン、バージョンダウンしようかしら。
(関連)
National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1098
> National Vulnerability Database (CVE-2009-1098)
※ Sun Java 5 の件
National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3093
> National Vulnerability Database (CVE-2007-3093)
※ Solaris 8 SMC の件
いじょうです。
-
- -