Firefox浏览器引擎多个内存破坏漏洞

日期:2020-06-09 栏目:程序人生 浏览:

发布日期:2010-04-06
更新日期:2010-04-07

受影响系统:
Mozilla Firefox 3.6
Mozilla Firefox 3.5.x
Mozilla Firefox 3.0.x
Mozilla Thunderbird < 3.0.4
Mozilla SeaMonkey < 2.0.4
不受影响系统:
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.19
Mozilla Thunderbird 3.0.4
Mozilla SeaMonkey 2.0.4
描述:
--------------------------------------------------------------------------------
CVE(CAN) ID: CVE-2010-0173,CVE-2010-0174

Firefox是一款流行的开源WEB浏览器。

Firefox浏览器引擎的多个函数在处理超长输入参数时存在多个内存破坏漏洞,用户受骗访问了恶意网页就会导致浏览器崩溃或执行任意代码。

<*来源:Jesse Ruderman (jruderman@gmail.com
        Ehsan Akhgari
 
  链接:
       
        https://www.redhat.com/support/errata/RHSA-2010-0333.html
        https://www.redhat.com/support/errata/RHSA-2010-0332.html
       
*>

建议:
--------------------------------------------------------------------------------
厂商补丁:

Debian
------
Debian已经为此发布了一个安全公告(DSA-2027-1)以及相应补丁:
DSA-2027-1:xulrunner: Multiple vulnerabilities
链接:

补丁下载:
Source archives:


Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e

Size/MD5 checksum:   116550 6c9e415004f27291e49f84e90d1d0131

Size/MD5 checksum:     1755 e04cb5b6bd5b8b7f9add59c8a806e3c8

Architecture independent packages:


Size/MD5 checksum:  1465282 ce022b6790d6e14f4b788c308653dab8

alpha architecture (DEC Alpha)


Size/MD5 checksum:  9484100 a782bd0ed837f3432c71a109dd98d045

Size/MD5 checksum:   223290 ecb8f397d3e6c7463b1c24c0a8ee3675

Size/MD5 checksum:   433032 7eec73671d538f485671874579557bc5

Size/MD5 checksum: 51124160 1a6dcf57c7d1185c6d95ea4d8bad1f12

Size/MD5 checksum:   165330 ee07c899e85d144a8f04ecb462e1c780

Size/MD5 checksum:   113322 ac5b08d50ccb70971bb42f44dd938eb3

Size/MD5 checksum:  3356812 f445e0ef422d18b9428ee8190810eb5f

Size/MD5 checksum:    72410 b6055fee3f283a3b4f299398d156a21a

Size/MD5 checksum:   940016 fc6778b3d408736e10d43b5f30d2469a

amd64 architecture (AMD x86_64 (AMD64))


Size/MD5 checksum:    70096 59959a92c5cd12582b36000575b81b98

Size/MD5 checksum:   223180 7b656ca6976ca0bc5e5dac21a2566807

Size/MD5 checksum:   890448 643a3817476fd091dca841dfcefd4584

Size/MD5 checksum:   101702 96847a84ad24da47f98b4b332870c6bb

Size/MD5 checksum:   374384 85617766ed0a0ac960db1664b51f7891

Size/MD5 checksum:   152132 edcab736e161e97cf9738f43aecf2272

Size/MD5 checksum: 50350940 d38916e2024e9dc46dc40a30da643f2a

Size/MD5 checksum:  3290136 7b32902cd2a92a45a4b8f7163b684ad9

Size/MD5 checksum:  7730682 b4f1fc1f804898e1e6e787c1e826dfcf

arm architecture (ARM)

上一篇:Firefox nsTreeContentView悬停指针漏洞
下一篇:input.c文件释放后使用漏洞

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wwpwww.html

相关推荐