CVE-2006-0297 Information
Description
Multiple integer overflows in Mozilla Firefox 1.5 Thunderbird 1.5 if Javascript is enabled in mail and SeaMonkey before 1.0 might allow remote attackers to execute arbitrary code via the (1) EscapeAttributeValue in jsxml.c for E4X (2) nsSVGCairoSurface::Init in SVG and (3) nsCanvasRenderingContext2D.cpp in Canvas.
Reference
http://secunia.com/advisories/18700 http://secunia.com/advisories/18704 http://secunia.com/advisories/22065 http://securitytracker.com/id?1015570 http://www.mozilla.org/security/announce/2006/mfsa2006-06.html http://www.securityfocus.com/archive/1/446657/100/200/threaded http://www.securityfocus.com/bid/16476 http://www.vupen.com/english/advisories/2006/0413 http://www.vupen.com/english/advisories/2006/3749 https://bugzilla.mozilla.org/show_bug.cgi?id=319872 https://bugzilla.mozilla.org/show_bug.cgi?id=322215 https://exchange.xforce.ibmcloud.com/vulnerabilities/24435 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A1339
Share on: