CVE Reference: CVE-2006-6500

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-6500

Description:
Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap.

CVE Status:
Candidate

References:

SUSE
  http://www.novell.com/linux/security/advisories/2007_06_mozilla.html
  http://www.novell.com/linux/security/advisories/2006_80_mozilla.html

ST
  1017399
  1017400
  1017401

SAID
  Secunia Advisory: SA23282
  Secunia Advisory: SA23420
  Secunia Advisory: SA23422
  Secunia Advisory: SA23545
  Secunia Advisory: SA23598
  Secunia Advisory: SA23614
  Secunia Advisory: SA23692
  Secunia Advisory: SA23672

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:010
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:011

HP
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200701-03.xml
  http://www.gentoo.org/security/en/glsa/glsa-200701-04.xml
  http://security.gentoo.org/glsa/glsa-200701-02.xml

CONFIRM
  http://www.mozilla.org/security/announce/2006/mfsa2006-69.html

CERT-VN
  722244

CERT
  http://www.us-cert.gov/cas/techalerts/TA06-354A.html

BID
  21668


Return to the previous page.