Description

Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clipPath element in an SVG file.

References

• BID-22694
• CERT-VN-551436
• CVE-2007-0776
• GENTOO-200703-04
• GENTOO-200703-08
• GENTOO-200703-18
• SUSE-SUSE-SA:2007:019
• SUSE-SUSE-SA:2007:022
• XF-32698

Solution

Related Vulnerabilities

• FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs)
• SUSE Linux Security Vulnerability: CVE-2007-0995
• Gentoo Linux: CVE-2007-0008: Mozilla Network Security Service: Remote execution of arbitrary code
• MFSA2007-02 SeaMonkey: Improvements to help protect against Cross-Site Scripting attacks (CVE-2007-0996)
• MFSA2007-02 Firefox: Improvements to help protect against Cross-Site Scripting attacks (CVE-2007-0996)
• MFSA2007-02 SeaMonkey: Improvements to help protect against Cross-Site Scripting attacks (CVE-2007-0995)
• MFSA2007-05 Firefox: XSS and local file access by opening blocked popups (CVE-2007-0780)
• Netscape/Sun iPlanet NSS SSLv2 client key buffer overflow
• Gentoo Linux: CVE-2006-6077: Mozilla Firefox: Multiple vulnerabilities
• MFSA2007-01 Thunderbird: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0776)
• MFSA2007-01 SeaMonkey: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0775)
• RHSA-2007:0097: firefox security update
• Gentoo Linux: CVE-2007-0777: Mozilla Firefox: Multiple vulnerabilities
• CESA-2007:0079: Firefox security update
• Gentoo Linux: CVE-2007-0775: Mozilla Firefox: Multiple vulnerabilities
• MFSA2007-01 Firefox: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0775)
• Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte
• CESA-2007:0078: thunderbird security update
• Gentoo Linux: CVE-2007-0778: Mozilla Firefox: Multiple vulnerabilities
• MFSA2007-06 SeaMonkey: Mozilla Network Security Services (NSS) SSLv2 buffer overflow (CVE-2007-0008)
• SUSE Linux Security Vulnerability: CVE-2007-0777
• Gentoo Linux: CVE-2007-0779: Mozilla Firefox: Multiple vulnerabilities
• MFSA2007-02 Firefox: Improvements to help protect against Cross-Site Scripting attacks (CVE-2006-6077)
• RHSA-2007:0108: thunderbird security update
• SUSE Linux Security Vulnerability: CVE-2007-0780
• MFSA2007-05 Firefox: XSS and local file access by opening blocked popups (CVE-2007-0800)
• Gentoo Linux: CVE-2007-0995: Mozilla Firefox: Multiple vulnerabilities
• SUSE Linux Security Vulnerability: CVE-2007-0776
• Sun Patch: Web Server 6.1: Sun ONE Web Server 6.1 Patch WS61SP13
• Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
• Gentoo Linux: CVE-2007-0780: Mozilla Firefox: Multiple vulnerabilities
• MFSA2007-01 Thunderbird: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0777)
• MFSA2007-06 Thunderbird: Mozilla Network Security Services (NSS) SSLv2 buffer overflow (CVE-2007-0008)
• SUSE Linux Security Vulnerability: CVE-2007-0800
• RHSA-2007:0078: thunderbird security update
• Sun Patch: Sun Java System Web Proxy Server 4.0.17, Solaris (SVR4 patch): Mai
• Gentoo Linux: CVE-2007-0800: Mozilla Firefox: Multiple vulnerabilities
• RHSA-2007:0077: seamonkey security update
• MFSA2007-03 Firefox: Information disclosure through cache collisions (CVE-2007-0778)
• MFSA2007-04 SeaMonkey: Spoofing using custom cursor and CSS3 hotspot (CVE-2007-0779)
• Sun Patch: Oracle iPlanet Web Server 7.0.12 Solaris: Update Release patch
• MFSA2007-03 SeaMonkey: Information disclosure through cache collisions (CVE-2007-0778)
• Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
• SUSE-SA:2007:019: MozillaFirefox
• Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
• SUSE Linux Security Vulnerability: CVE-2007-0778
• SUSE Linux Security Vulnerability: CVE-2007-0008
• MFSA2007-01 SeaMonkey: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0776)
• Sun Patch: Oracle iPlanet Web Server 7.0.12 Solaris_x86: Update Release patch
• MFSA2007-05 SeaMonkey: XSS and local file access by opening blocked popups (CVE-2007-0780)
• MFSA2007-04 Firefox: Spoofing using custom cursor and CSS3 hotspot (CVE-2007-0779)
• SUSE Linux Security Vulnerability: CVE-2007-0779
• CESA-2007:0097: firefox security update
• Sun Patch: NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
• CESA-2007:0108: thunderbird security update
• SUSE Linux Security Advisory: SUSE-SA:2007:019
• Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
• RHSA-2007:0079: Firefox security update
• MFSA2007-01 Firefox: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0776)
• Sun Patch: NSS_NSPR_JSS 3.35 Solaris_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Ma
• MFSA2007-01 Firefox: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0777)
• MFSA2007-01 Thunderbird: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0775)
• CESA-2007:0077: seamonkey security update
• Sun Patch: Sun Java System Web Proxy Server 4.0.17, _x86 (SVR4 patch): Mainte
• MFSA2007-02 Firefox: Improvements to help protect against Cross-Site Scripting attacks (CVE-2007-0995)
• SUSE Linux Security Vulnerability: CVE-2006-6077
• MFSA2007-02 SeaMonkey: Improvements to help protect against Cross-Site Scripting attacks (CVE-2006-6077)
• Sun Patch: Web Server 6.1: Sun ONE Web Server 6.1_x86 Patch WS61SP13
• SUSE-SA:2007:022: Mozilla security problems
• SUSE Linux Security Vulnerability: CVE-2007-0996
• MFSA2007-06 Firefox: Mozilla Network Security Services (NSS) SSLv2 buffer overflow (CVE-2007-0008)
• SUSE Linux Security Vulnerability: CVE-2007-0775
• MFSA2007-05 SeaMonkey: XSS and local file access by opening blocked popups (CVE-2007-0800)
• MFSA2007-01 SeaMonkey: Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) (CVE-2007-0777)