Unicode 関係でスタックバッファオーバフローみたいです。PoC は milw0rm にあるようです。

SANS Internet Storm Center http://isc.sans.org/diary.html?storyid=6829
> Vulnerability in FireFox 3.5.1 confirmed, exploit PoC, no patch

SecurityFocus http://www.securityfocus.com/bid/35707
> Mozilla Firefox 3.5 Unicode Data Remote Stack Buffer Overflow Vulnerability

National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2479
> National Vulnerability Database (CVE-2009-2479)

(Snip)

> Overview
>
> Stack-based buffer overflow in Mozilla Firefox 3.5 allows remote attackers
> to cause a denial of service (application crash) or possibly have unspecified
> other impact via a long Unicode string argument to the write method.
> Impact
> CVSS Severity (version 2.0):
> CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)
> Impact Subscore: 10.0
> Exploitability Subscore: 10.0

(Snip)

うーむ、CVSS v2 Base Score が、10.0 ・・・・・・。Max ですか、誤植、じゃないですよね。

テストマシン、バージョンダウンしようかしら。

(関連)

National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1098
> National Vulnerability Database (CVE-2009-1098)

※ Sun Java 5 の件

National Vulnerability Database (NVD) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3093
> National Vulnerability Database (CVE-2007-3093)

※ Solaris 8 SMC の件

いじょうです。

• • -