[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Deleted Object Reference When designMode="on"

ID: oval:org.mitre.oval:def:1790Date: (C)2006-05-07   (M)2024-03-27
Class: VULNERABILITYFamily: windows




Mozilla Firefox 1.5.0.2, when designMode is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain Javascript that is not properly handled by the contentWindow.focus method in an iframe, which causes a reference to a deleted controller context object. NOTE: this was originally claimed to be a buffer overflow in (1) js320.dll and (2) xpcom_core.dll, but the vendor disputes this claim.

Platform:
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows Server 2008 R2
Product:
Mozilla
Reference:
CVE-2006-1993
CVE    1
CVE-2006-1993
CPE    2
cpe:/a:mozilla:firefox:::x86
cpe:/a:mozilla:firefox:1.5.0.2

© SecPod Technologies