| Name | XML.Nested.Tags.Handling.Race.Condition.Memory.Corruption |
| Alias/es | Mozilla.Firefox.Javascript.Handler.Memory.Corruption |
| Last Updated Date | Nov 13, 2008 |
| Release Date | Sep 17, 2006 |
| Severity | High |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service. |
| Description | This indicates an attack attempt against a memory-corruption vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey.
This vulnerability is caused by the application's failure to properly free structures. A remote attacker may exploit this to execute arbitrary code or cause a denial-of-service condition. |
| Affected Products | Mozilla Firefox version 1.5.0.7 and prior
Mozilla Thunderbird version 1.5.0.7 and prior
Mozilla SeaMonkey version 1.0.5 and prior |
| Recommended Actions | Upgrade the software to the latest version:
http://www.mozilla.org/products/ |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-4253
|
| Reference/s | http://www.securityfocus.com/bid/19488 (BugTraq)
http://www.vupen.com/english/advisories/2006/3617
|