CVE-2006-0295 Information
Description
Mozilla Firefox 1.5 Thunderbird 1.5 if Javascript is enabled in mail and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the QueryInterface method of the built-in Location and Navigator objects which leads to memory corruption.
Reference
http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://secunia.com/advisories/22065 http://securitytracker.com/id?1015570 http://www.kb.cert.org/vuls/id/759273 http://www.mozilla.org/security/announce/2006/mfsa2006-04.html http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/bid/16476 http://www.us-cert.gov/cas/techalerts/TA06-038A.html http://www.vupen.com/english/advisories/2006/0413 http://www.vupen.com/english/advisories/2006/3749 https://bugzilla.mozilla.org/show_bug.cgi?id=319296 https://exchange.xforce.ibmcloud.com/vulnerabilities/24433 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1562
Share on: