Heap overflow possible in UTF8 to Unicode conversion
- February 24, 2005
- wind li
- Firefox, Mozilla Suite, Thunderbird
- Fixed in
- Firefox 1.0.1
- Mozilla Suite 1.7.6
- Thunderbird 1.0.2
It is possible for a UTF8 string with invalid sequences to trigger a heap overflow of converted Unicode data. Exploitability would depend on the attackers ability to get the string into the buggy converter. General web content is converted elsewhere but we can't rule out the possibility of a successful attack.
Upgrade to a version that contains this fix.