Description
Memory leak in Libxul, as used in Mozilla Firefox 3.0.5 and other products, allows remote attackers to cause a denial of service (memory consumption and browser hang) via a long CLASS attribute in an HR element in an HTML document.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47758
Exploit x_refsource_misc
http://www.packetstormsecurity.org/0812-exploits/mzff_libxul_ml.txt
Various Sources x_refsource_misc
http://jbrownsec.blogspot.com/2008/12/new-year-research-are-upon-us.html
Scores
EPSS
0.0207
EPSS Percentile
79.3%
Details
CWE
CWE-399
Status
published
Products (1)
mozilla/libxul
Published
Jan 02, 2009
Tracked Since
Feb 18, 2026