CVE Database

CVE-2006-2779

Impact: Critical
Public: 2006-06-02

Details

The MITRE CVE dictionary describes this issue as:

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.

Find out more about CVE-2006-2779 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2006:0594 August 28, 2006
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2006:0578 July 20, 2006
Red Hat Enterprise Linux version 4 RHSA-2006:0609 August 02, 2006
Red Hat Enterprise Linux version 4 (firefox) RHSA-2006:0610 July 28, 2006
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2006:0611 July 29, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.