Mozilla Firefox 64-Bit SetTextInternal Heap Buffer Overflow

CVE-2010-1196

Type

Mozilla Firefox 64-Bit SetTextInternal () Heap Buffer Overflow

Severity

High

Affected products

Mozilla Firefox

Date

2010-06-23

CVE Reference

CVE-2010-1196

A heap buffer overflow vulnerability was discovered which is caused by an integer overflow in nsGenericDOMDataNode::SetTextInternal().

Due to the amount of data needed to trigger the vulnerability (> 8 gigabytes), this is only exploitable on 64-bit systems. This vulnerability was tested on Ubuntu AMD64 with the default install of Firefox.

See this white paper for more details on vulnerabilities specific to 64bit platforms.

References

http://www.mozilla.org/security/announce/2010/mfsa2010-29.html
https://bugzilla.mozilla.org/show\_bug.cgi?id=534666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1196