Mozilla Firefox Location.hash Remote DoS Vulnerability Network Vulnerability

Summary

The host is installed with Mozilla Firefox browser and is prone to denial of service vulnerability. Vulnerability: The flaw is due to improper way of handling input passed to location.hash.

Impact

Successful exploitation could result in remote arbitrary code execution, and can crash the affected browser. Impact Level: Application

Solution

Upgrade to Mozilla Firefox version 3.6.3 or later For updates refer to http://www.mozilla.org/

Affected

Mozilla, Firefox version 3.0 through 3.0.13 and 3.5.x

References

http://downloads.securityfocus.com/vulnerabilities/exploits/32988.pl
http://websecurity.com.ua/3424/
http://www.securityfocus.com/archive/1/archive/1/506006/100/0/threaded
http://www.securityfocus.com/bid/32988/discuss

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5715, CVE-2009-2953

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
ArGoSoft FTP Server XCWD Overflow
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)

Mozilla Firefox location.hash Remote DoS Vulnerability

Take action and discover your vulnerabilities