Document Title: =============== Mozilla Firefox v52.02 - (Stack Overflow) DoS Vulnerability References (Source): ==================== http://ift.tt/2qCaOqw Release Date: ============= 2017-05-04 Vulnerability Laboratory ID (VL-ID): ==================================== 2050 Common Vulnerability Scoring System: ==================================== 3 Vulnerability Class: ==================== Denial of Service Product & Service Introduction: =============================== The Tor network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor's users employ this network by connecting through a series of virtual tunnels rather than making a direct connection, thus allowing both organizations and individuals to share information over public networks without compromising their privacy. Along the same line, Tor is an effective censorship circumvention tool, allowing its users to reach otherwise blocked destinations or content. Tor can also be used as a building block for software developers to create new communication tools with built-in privacy features. (Copy of the Vendor Homepage: http://ift.tt/YQlEnw) Abstract Advisory Information: ============================== The vulnerability laboratory core research team discovered a null pointer denial of service vulnerability in the Mozilla Firefox v52.02 & Tor Browser v6.5.1 for microsoft windows. Vulnerability Disclosure Timeline: ================================== 2017-04-09: Researcher Notification & Coordination (SaifAllah benMassaoud) 2017-04-10: Vendor Notification (Mozilla Security Team) 2017-04-12: Vendor Response/Feedback (Mozilla Security Team) 2017-**-**: Vendor Fix/Patch (Mozilla Service Developer Team) 2017-05-04: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Tor Project Product: Tor Browser - Software (Mozilla Firefox Engine) 6.5.1 Exploitation Technique: ======================= Local Severity Level: =============== Medium Technical Details & Description: ================================ A null pointer vulnerability has been discovered in the Mozilla Firefox v52.02 & Tor Browser v6.5.1 for microsoft windows. The vulnerability allows to crash the software application with an unexpected error exception. The software vulnerability is located in the xml document parser of the firefox engine in the tor browser. The issue could corrupt memory in such a way that remote attackers could crash affected versions permanently. The crash occurs because of a provoked non-exploitable stack overflow issue. The issue is in connection to the design and template. The security risk of the vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.0. Exploitation of the denial of service web vulnerability requires low interaction and no privilege system user account. Successful exploitation of the application web vulnerability results in permanent application crashs or stable process shutdown. Affected Version(s): [+] Mozilla Firefox v52.02 [+] Stable Tor Browser - Microsoft Windows (6.5.1) 32/64-bit (sig) [+] Experimental Tor Browser - Microsoft Windows (7.0a2) 32/64-bits (sig) Proof of Concept (PoC): ======================= The remote point vulnerability can be exploited by remote attackers without privilege application user account and with low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. PoC: Exploit http://ift.tt/2rbl1NQ
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment