FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-3811

This CVE name corresponds to:

Entered Topic
2006-07-27 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-3811 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-3811
Phase Assigned(20060724)

Description

Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.

References

Source Reference
BUGTRAQ 20060727 rPSA-2006-0137-1 firefox
CONFIRM http://www.mozilla.org/security/announce/2006/mfsa2006-55.html
CONFIRM https://issues.rpath.com/browse/RPL-536
CONFIRM https://issues.rpath.com/browse/RPL-537
DEBIAN DSA-1161
GENTOO GLSA-200608-02
GENTOO GLSA-200608-04
GENTOO GLSA-200608-03
HP HPSBUX02153
HP SSRT061181
HP HPSBUX02156
HP SSRT061236
MANDRIVA MDKSA-2006:143
MANDRIVA MDKSA-2006:145
MANDRIVA MDKSA-2006:146
REDHAT RHSA-2006:0608
REDHAT RHSA-2006:0610
REDHAT RHSA-2006:0611
REDHAT RHSA-2006:0609
REDHAT RHSA-2006:0594
SGI 20060703-01-P
SUNALERT 102971
SUSE SUSE-SA:2006:048
UBUNTU USN-327-1
UBUNTU USN-329-1
UBUNTU USN-350-1
UBUNTU USN-354-1
UBUNTU USN-361-1
CERT TA06-208A
CERT-VN VU#527676
BID 19181
OVAL oval:org.mitre.oval:def:9934
VUPEN ADV-2006-2998
VUPEN ADV-2006-3748
VUPEN ADV-2006-3749
VUPEN ADV-2007-2350
VUPEN ADV-2008-0083
SECTRACK 1016586
SECTRACK 1016587
SECTRACK 1016588
SECUNIA 19873
SECUNIA 21216
SECUNIA 21228
SECUNIA 21229
SECUNIA 21246
SECUNIA 21243
SECUNIA 21269
SECUNIA 21270
SECUNIA 21275
SECUNIA 21336
SECUNIA 21358
SECUNIA 21361
SECUNIA 21250
SECUNIA 21262
SECUNIA 21343
SECUNIA 21529
SECUNIA 21532
SECUNIA 21607
SECUNIA 21631
SECUNIA 21675
SECUNIA 22055
SECUNIA 22210
SECUNIA 22342
SECUNIA 22065
SECUNIA 22066
SECUNIA 25839
XF mozilla-multiple-memory-corruption(27992)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.