CVE-2006-1730

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Thunderbird; Seamonkey; Mozilla Suite
Vendor: CVE Published:; 14 April 2006

Summary

Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.

References

http://www.mozilla.org/security/announce/2006/mfsa2006-22...

x_refsource_CONFIRM

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

http://www.vupen.com/english/advisories/2006/3748

vdb-entryx_refsource_VUPEN

EPSS Score

96% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006