PT-2006-2731 · Mozilla+2 · Firefox+5
Pavel Penaz
·
Published
2006-04-14
·
Updated
2018-10-18
·
CVE-2006-1739
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Mozilla Firefox versions 1.0.x through 1.0.7
Mozilla Firefox versions 1.x through 1.4
Mozilla Thunderbird versions 1.0.x through 1.0.7
Mozilla Thunderbird versions 1.x through 1.4
Mozilla Suite versions prior to 1.7.13
SeaMonkey versions prior to 1.0
Description:
The issue is related to the CSS border-rendering code, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that cause an out-of-bounds array write and buffer overflow.
Recommendations:
For Mozilla Firefox versions 1.0.x through 1.0.7, update to version 1.0.8 or later.
For Mozilla Firefox versions 1.x through 1.4, update to version 1.5 or later.
For Mozilla Thunderbird versions 1.0.x through 1.0.7, update to version 1.0.8 or later.
For Mozilla Thunderbird versions 1.x through 1.4, update to version 1.5 or later.
For Mozilla Suite versions prior to 1.7.13, update to version 1.7.13 or later.
For SeaMonkey versions prior to 1.0, update to version 1.0 or later.
Fix
DoS
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hp-Ux
Firefox
Suite
Thunderbird
Red Hat
Seamonkey