Mozilla Foundation Security Advisory 2005-15

Heap overflow possible in UTF8 to Unicode conversion

Announced
February 24, 2005
Reporter
wind li
Risk
Low
Impact
High
Products
Firefox, Mozilla Suite, Thunderbird
Fixed in
  • Firefox 1.0.1
  • Mozilla Suite 1.7.6
  • Thunderbird 1.0.2

Description

It is possible for a UTF8 string with invalid sequences to trigger a heap overflow of converted Unicode data. Exploitability would depend on the attackers ability to get the string into the buggy converter. General web content is converted elsewhere but we can't rule out the possibility of a successful attack.

Workaround

Upgrade to a version that contains this fix.

References