Red Hat Customer Portal

Skip to main content

CVE-2006-3811

Impact:
Critical
Public Date:
2006-07-26

The MITRE CVE dictionary describes this issue as:

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.

Find out more about CVE-2006-3811 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2006:0609 2006-08-02
Red Hat Enterprise Linux 2.1 RHSA-2006:0594 2006-08-28
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0611 2006-07-29
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0610 2006-07-28
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2006:0608 2006-07-27

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.3-0.el4.1 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.2.el4 Fixed

Last Modified