Mozilla JAR File Decompression Heap Overflow (deprecated)

High Nessus Network Monitor Plugin ID 1322

Synopsis

The remote host is vulnerable to a heap overflow.

Description

The remote host is running a version of the Mozilla browser that may contain a heap corruption vulnerability. A vulnerability has been discovered in the JAR URI handler used by Netscape and Mozilla. By constructing a malformed JAR file containing invalid file length information, it is possible to cause heap corruption in a vulnerable browser. When a client attempts to decompress a malicious JAR file, invalid values will be used to allocate buffer space for the inflated data. As there are no checks to prevent this, an overrun condition in the heap may occur if excessive data is decompressed.

Solution

Upgrade to the latest version of Mozilla.

Plugin Details

Severity: High

ID: 1322

File Name: 1322.prm

Family: SMTP Clients

Published: 2004/08/20

Modified: 2016/01/19

Dependencies: 1330

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:mozilla

Reference Information

CVE: CVE-2002-1308

BID: 6185