Friday, June 20, 2008 11:24 AM
cmosby
Mozilla Firefox Unspecified Code Execution Vulnerability - Secunia - 6/19/2008
Mozilla Firefox Unspecified Code Execution Vulnerability
Secunia Advisory:
SA30761
Release Date:
2008-06-19
Last Update:
2008-06-20
Critical:
Highly critical
Impact:
System access
Where:
From remote
Solution Status:
Unpatched
Software:
Mozilla Firefox 2.0.x
Mozilla Firefox 3.x
CVE reference:
CVE-2008-2785 (Secunia mirror)
Description:
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code e.g. when a user visits a specially crafted web page.
The vulnerability is reported in versions 3.0 and 2.0.x. Other versions may also be affected.
Solution:
Do not follow untrusted links nor browse untrusted web sites.
Provided and/or discovered by:
Reported via the Zero Day Initiative.
Changelog:
2008-06-20: Added CVE reference.
Original Advisory:
http://dvlabs.tippingpoint.com/blog/2...8/vulnerability-in-mozilla-firefox-30
Filed under: Patch Management, Browser Wars, Firefox, Security, Software Vulnerabilites