CVE Database


Impact: Critical
Public: 2006-07-26


The MITRE CVE dictionary describes this issue as:

Multiple vulnerabilities in Mozilla Firefox before, Thunderbird before, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.

Find out more about CVE-2006-3811 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (seamonkey) RHSA-2006:0594 August 28, 2006
Red Hat Enterprise Linux version 3 (seamonkey) RHSA-2006:0608 July 27, 2006
Red Hat Enterprise Linux version 4 RHSA-2006:0609 August 02, 2006
Red Hat Enterprise Linux version 4 (firefox) RHSA-2006:0610 July 28, 2006
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2006:0611 July 29, 2006

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.