You are here

CVE-2006-0749

Vincent (CVE) Danen's picture
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.

Details Source

Mitre

Public Date

2006-04-14 00:00:00

Impact

Critical

Bugzilla

CVE-2006-0749 Firefox Tag Order Vulnerability

Bugzilla ID

183 537

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 3 (mozilla) RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 2.1 RHSA-2006:0329 2006-04-18
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0330 2006-04-21
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0328 2006-04-14

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 devhelp 0.9.2-2.4.8 Fixed
Red Hat Enterprise Linux version 4 mozilla 1.7.13-1.4.1 Fixed