{"id":38,"date":"2008-07-16T14:15:19","date_gmt":"2008-07-16T21:15:19","guid":{"rendered":"http:\/\/blog.mozilla.org\/security\/?p=38"},"modified":"2008-07-16T14:25:58","modified_gmt":"2008-07-16T21:25:58","slug":"tippingpoint-vulnerability-patched-in-firefox-301-and-20016","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/","title":{"rendered":"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16"},"content":{"rendered":"<p><strong>Issue<\/strong><\/p>\n<p>A vulnerability in the way Firefox handles CSS allows an attacker to take advantage of an integer overflow and execute arbitrary code.\u00a0 In order for the attack to be successful a user must browse to a malicious site.\u00a0 The advisory is available <a href=\"http:\/\/www.mozilla.org\/security\/announce\/2008\/mfsa2008-34.html\">here<\/a>.<\/p>\n<p><strong>Impact<\/strong><\/p>\n<p>This critical vulnerability was reported to Mozilla before details were available publicly.\u00a0 By keeping the details of the issue private until the issue was patched, TippingPoint and Mozilla were able to keep the risk to users minimal.<\/p>\n<p><strong>Status<\/strong><\/p>\n<p>This issue is patched in Firefox 3.0.1 and 2.0.0.16 which are now available.\u00a0 Users will be prompted to install the update through the automatic update feature.\u00a0 If you would like to update now, select &#8220;Check for Updates&#8221; from the Help menu.<\/p>\n<p><strong>Credit<\/strong><\/p>\n<p>An anonymous reporter found this vulnerability and reported it to TippingPoint.\u00a0 TippingPoint reported it to Mozilla.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Issue A vulnerability in the way Firefox handles CSS allows an attacker to take advantage of an integer overflow and execute arbitrary code.\u00a0 In order for the attack to be &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/\">Read more<\/a><\/p>\n","protected":false},"author":48,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[30,69,73],"tags":[],"coauthors":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16 - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Window Snyder\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/\",\"name\":\"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16 - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2008-07-16T21:15:19+00:00\",\"dateModified\":\"2008-07-16T21:25:58+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5\",\"name\":\"Window Snyder\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/ac9103056fd345532d56198464860a0a\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g\",\"caption\":\"Window Snyder\"},\"sameAs\":[\"http:\/\/blog.mozilla.org\/security\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16 - Mozilla Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/","twitter_misc":{"Written by":"Window Snyder","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/","url":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/","name":"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16 - Mozilla Security Blog","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/security\/#website"},"datePublished":"2008-07-16T21:15:19+00:00","dateModified":"2008-07-16T21:25:58+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/security\/2008\/07\/16\/tippingpoint-vulnerability-patched-in-firefox-301-and-20016\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/security\/"},{"@type":"ListItem","position":2,"name":"TippingPoint vulnerability patched in Firefox 3.0.1 and 2.0.0.16"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/security\/#website","url":"https:\/\/blog.mozilla.org\/security\/","name":"Mozilla Security Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/bcfe8d4a8562282caf71ca487f4a36f5","name":"Window Snyder","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/ac9103056fd345532d56198464860a0a","url":"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/73de47c5d7f96fbe0d5058c37ae1fefc?s=96&d=identicon&r=g","caption":"Window Snyder"},"sameAs":["http:\/\/blog.mozilla.org\/security\/"]}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/38"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/users\/48"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/comments?post=38"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/posts\/38\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/media?parent=38"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/categories?post=38"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/tags?post=38"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/security\/wp-json\/wp\/v2\/coauthors?post=38"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}