The MITRE CVE dictionary describes this issue as:
Mozilla Firefox and Thunderbird before 126.96.36.199 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (seamonkey)||RHSA-2006:0594||August 28, 2006|
|Red Hat Enterprise Linux version 3 (seamonkey)||RHSA-2006:0578||July 20, 2006|
|Red Hat Enterprise Linux version 4||RHSA-2006:0609||August 02, 2006|
|Red Hat Enterprise Linux version 4 (firefox)||RHSA-2006:0610||July 28, 2006|
|Red Hat Enterprise Linux version 4 (thunderbird)||RHSA-2006:0611||July 29, 2006|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.