Red Hat Customer Portal

Skip to main content

CVE-2006-4566

Mozilla Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause a denial of service (crash) via a malformed JavaScript regular expression that ends with a backslash in an unterminated character set ("[\\\\"), which leads to a buffer over-read.

Details Source

Mitre

Impact

Critical

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (thunderbird) RHSA-2006:0677 2006-09-15
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2006:0676 2006-09-15
Red Hat Enterprise Linux 4 (firefox) RHSA-2006:0675 2006-09-15
Red Hat Enterprise Linux 2.1 (seamonkey) RHSA-2006:0676 2006-09-15
Red Hat Enterprise Linux 4 RHSA-2006:0676 2006-09-15

Affected Packages State

Platform Package State
Red Hat Enterprise Linux version 4 seamonkey 1.0.5-0.1.el4 Fixed
Red Hat Enterprise Linux version 4 devhelp 0.10-0.4.el4 Fixed