CVE-2006-2779

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 1.5.0.4 Mozilla Thunderbird versions prior to 1.5.0.4

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. This can be achieved through various means, including nested <option> tags in a select tag, a DOMNodeRemoved mutation event, Content-implemented tree views, BoxObjects, the XBL implementation, or an iframe that attempts to remove itself, leading to memory corruption.

Recommendations For Mozilla Firefox versions prior to 1.5.0.4, update to version 1.5.0.4 or later to resolve the issue. For Mozilla Thunderbird versions prior to 1.5.0.4, update to version 1.5.0.4 or later to resolve the issue.