FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- SOAPParameter integer overflow

Affected packages
firefox < 0.9
linux-mozilla < 1.7
linux-mozilla-devel < 1.7
mozilla-gtk1 < 1.7
mozilla < 1.7,2
netscape7 < 7.2

Details

VuXML ID a4fd8f53-05eb-11d9-b45d-000c41e2cdad
Discovery 2004-08-02
Entry 2004-09-14
Modified 2004-09-22

zen-parse discovered and iDEFENSE reported an exploitable integer overflow in a scriptable Mozilla component `SOAPParameter':

Improper input validation to the SOAPParameter object constructor in Netscape and Mozilla allows execution of arbitrary code. The SOAPParameter object's constructor contains an integer overflow which allows controllable heap corruption. A web page can be constructed to leverage this into remote execution of arbitrary code.

References

CVE Name CVE-2004-0722
URL http://bugzilla.mozilla.org/show_bug.cgi?id=236618