CVE-2006-6499 Information

Description

The js_dtoa function in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 overwrites memory instead of exiting when the floating point precision is reduced, which allows remote attackers to cause a denial of service via any plugins that reduce the precision.

Reference

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
http://secunia.com/advisories/23282
http://secunia.com/advisories/23420
http://secunia.com/advisories/23422
http://secunia.com/advisories/23545
http://secunia.com/advisories/23589
http://secunia.com/advisories/23591
http://secunia.com/advisories/23614
http://secunia.com/advisories/23672
http://secunia.com/advisories/23692
http://secunia.com/advisories/23988
http://secunia.com/advisories/24078
http://secunia.com/advisories/24390
http://security.gentoo.org/glsa/glsa-200701-02.xml
http://securitytracker.com/id?1017398
http://securitytracker.com/id?1017405
http://securitytracker.com/id?1017406
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1
http://www.debian.org/security/2007/dsa-1253
http://www.debian.org/security/2007/dsa-1258
http://www.debian.org/security/2007/dsa-1265
http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
http://www.kb.cert.org/vuls/id/427972
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html
http://www.novell.com/linux/security/advisories/2006_80_mozilla.html
http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
http://www.securityfocus.com/bid/21668
http://www.ubuntu.com/usn/usn-398-1
http://www.ubuntu.com/usn/usn-398-2
http://www.ubuntu.com/usn/usn-400-1
http://www.us-cert.gov/cas/techalerts/TA06-354A.html
http://www.vupen.com/english/advisories/2006/5068
http://www.vupen.com/english/advisories/2007/1124
http://www.vupen.com/english/advisories/2008/0083
