Published:2010/06/14  Last Updated:2010/06/17

JVN#67120749
Multiple vulnerabilities in ActiveGeckoBrowser

Overview

ActiveGeckoBrowser from Fenrir Inc. contains multiple vulnerabilities.

Products Affected

  • ActiveGeckoBrowser

Description

ActiveGeckoBrowser from Fenrir Inc. is a plugin that adds the Gecko rendering engine to the Sleipnir web browser. ActiveGeckoBrowser contains multiple vulnerabilities caused by the Gecko engine.

Impact

A remote attacker may execute an arbitrary code or script, or conduct a denial of service (DoS) attack.

Solution

Do not use ActiveGeckoBrowser
Do not use ActiveGeckoBrowser until an update is provided.
For more information, refer to the vendor's website.

Vendor Status

Vendor Status Last Update Vendor Notes
Fenrir Inc. Vulnerable 2010/06/14

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2010-2420
JVN iPedia JVNDB-2010-000025

Update History