Intrusion Prevention

Mozilla.SVG.Layout.Engine.Index.Parameter.Memory.Corruption

Description

This indicates an attack attempt to exploit a memory corruption vulnerability
in Mozilla Products.
The vulnerability is caused by an error when the vulnerable software handles
crafted SVG content. It allows a remote attacker to crash the program via sending a crafted web page.

Affected Products

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4
Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4
SeaMonkey 1.0.9 and 1.1.2

Impact

Denial of serive: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply patch,available from the web site.
Mozilla Firefox 1.5.0.3
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5.0.5
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Firefox 1.5.0.2
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 2.0 RC2
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5.0.8
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Firefox 1.5.0.1
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 1.5.0.7
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5.0.4
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Thunderbird 1.5.0.2
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla SeaMonkey 1.1 beta
Mozilla Mozilla SeaMonkey 1.1.2
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.5.0.6
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5.0.10
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Firefox 2.0.0.2
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html
Mozilla SeaMonkey 1.0 dev
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla SeaMonkey 1.0
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.5.0.4
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 2.0.0.3
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html
Slackware Linux 11.0
Slackware mozilla-firefox-1.5.0.12-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ mozilla-firefox-1.5.0.12-i686-1.tgz
Slackware mozilla-firefox-2.0.0.4-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/extra/mozilla-fir efox-2.0.0.4/mozilla-firefox-2.0.0.4-i686-1.tgz
Slackware mozilla-thunderbird-1.5.0.12-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ mozilla-thunderbird-1.5.0.12-i686-1.tgz
Slackware seamonkey-1.1.2-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/ seamonkey-1.1.2-i486-1_slack11.0.tgz
Mozilla Firefox 1.5.0.2
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Slackware Linux -current
Slackware mozilla-firefox-2.0.0.4-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/ mozilla-firefox-2.0.0.4-i686-1.tgz
Slackware seamonkey-1.1.2-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/ seamonkey-1.1.2-i486-1.tgz
Mozilla Firefox 2.0 beta 1
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5.0.7
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla SeaMonkey 1.0.1
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.0.1
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla SeaMonkey 1.0.2
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.0.2
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 1.0.4
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 1.0.5
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla SeaMonkey 1.0.5
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.0.5
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla SeaMonkey 1.0.6
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla SeaMonkey 1.0.7
Mozilla Mozilla Seamonkey 1.0.9
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.0.7
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla SeaMonkey 1.1.1
Mozilla Mozilla SeaMonkey 1.1.2
http://www.mozilla.org/projects/seamonkey/releases/
Mozilla Firefox 1.5 .6
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 1.5 .8
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 1.5 beta 2
Mozilla Mozilla Firefox 1.5.0.12
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Thunderbird 1.5 .9
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Thunderbird 1.5
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Mozilla Thunderbird 1.5 beta 2
Mozilla Mozilla Thunderbird 1.5.0.12
http://www.mozilla.com/en-US/thunderbird/all.html
Slackware Linux 10.2
Slackware mozilla-firefox-1.5.0.12-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/ mozilla-firefox-1.5.0.12-i686-1.tgz
Slackware mozilla-thunderbird-1.5.0.12-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/ mozilla-thunderbird-1.5.0.12-i686-1.tgz
Mozilla Firefox 2.0 .1
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html
Mozilla Firefox 2.0 3
Mozilla Mozilla Firefox 2.0.0.4
http://www.mozilla.com/en-US/firefox/all.html

CVE References

CVE-2007-2867