Mozilla Firefox CSS letter-spacing Heap Overflow Vulnerability (CVE-2006-1730)

Key Information Vulnerability Name: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability CVE ID: CVE-2006-1730 Release Date: 2006-04-16 Risk Level: High CWE: CWE-189 Vulnerability Details: - CVSS Base Score: 9.3/10 - Attack Vector: Remote - Impact on Confidentiality: Complete - Impact on Integrity: Complete - Impact on Availability: Complete - Attack Complexity: Medium - Authentication Required: None Affected Vendor: Mozilla Affected Products: - Mozilla 1.7.x and below - Firefox 1.5.x and below Vulnerability Description: - This vulnerability allows attackers to execute arbitrary code on vulnerable Mozilla/Firefox web browsers. The attack requires user interaction, and the target must visit a malicious webpage. - The specific flaw arises from improper handling of the CSS “letter-spacing” property. By specifying a large number, attackers can overflow an integer used during memory allocation. This under-allocated buffer is later used to store user-supplied data, resulting in an exploitable heap overflow. Vendor Response: Mozilla has released updates to fix this vulnerability. More details are available at http://www.mozilla.org/security/announce/2006/mfsa2006-22.html. Public Timeline: - 2006-01-31 - Vulnerability reported to vendor - 2006-01-31 - Digital Vaccine released to TippingPoint customers - 2006-04-13 - Coordinated public advisory release Discoverer: The vulnerability was discovered by an anonymous researcher.

Goal Reached Thanks to every supporter — we hit 100%!

Mozilla Firefox CSS letter-spacing Heap Overflow Vulnerability (CVE-2006-1730)