A vulnerability has been identified in Mozilla Firefox and Seamonkey, which could be exploited by remote attackers to cause a denial of service or potentially compromise a vulnerable system. This issue is caused by a memory corruption error within the "txMozillaXSLTProcessor::TransformToDoc()" function when processing specially crafted XSLT Transforms, which could be exploited by attackers to crash an affected browser or potentially execute arbitrary code by tricking a user into visiting a specially crafted web page.

Affected Products

Mozilla Firefox version 3.0.7 and prior
Mozilla SeaMonkey version 1.1.15 and prior

Solution

Upgrade to Mozilla Firefox version 3.0.8 :
http://www.mozilla.com/firefox/

Upgrade to Mozilla SeaMonkey version 1.1.16 :
http://www.mozilla.org/projects/seamonkey/

References

http://www.vupen.com/english/advisories/2009/0853
https://bugzilla.mozilla.org/show_bug.cgi?id=485217
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html

Credits

Vulnerability reported by Guido Landi.

Changelog

2009-03-26 : Initial release
2009-03-27 : Updated Solution

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.