Intrusion Prevention

Mozilla.MathML.Layout.Engine.Memory.Corruption

Description

This indicates an attack attempt against a memory corruption vulnerability in
Mozilla.
The vulnerability is caused by an error when the vulnerable software handles
rowspan value with MathML elements. It allows a remote attacker to execute arbitrary code via sending a crafted web page.

Affected Products

Firefox 3.0.1
Firefox 2.0.0.16
Thunderbird 2.0.0.16
SeaMonkey 1.1.11

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to the following versions:
Firefox 3.0.2
Firefox 2.0.0.17
Thunderbird 2.0.0.17
SeaMonkey 1.1.12

CVE References

CVE-2008-4061