Create an account

Subscribe to LWN

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Weekly edition	Kernel	Security	Distributions	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ

Mozilla: heap-based buffer overflow in Mozilla-based browsers

Package(s):

Mozilla

CVE #(s):

CAN-2002-1308

Created:

July 15, 2003

Updated:

July 21, 2003

Description:

A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL referencing a malformed .jar file, which overflows a buffer during decompression.

This has been fixed in Mozilla 1.0.2.

Alerts:

Red Hat	RHSA-2003:162-02	2003-07-21
Red Hat	RHSA-2003:162-01	2003-07-15

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds