Integer Overflow Vulnerability in Mozilla Firefox and Thunderbird
CVE-2006-1737

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Thunderbird; Seamonkey; Mozilla Suite
Vendor: CVE Published:; 14 April 2006

What is CVE-2006-1737?

An integer overflow vulnerability affects multiple versions of Mozilla Firefox, Thunderbird, Javascript in Mozilla Suite, and SeaMonkey. By exploiting this flaw, remote attackers can leverage specially crafted JavaScript containing large regular expressions, leading to a denial of service through application crashes. In some scenarios, this vulnerability might also allow execution of arbitrary bytecode, further compromising user systems. It is crucial to keep all affected products up to date to mitigate the risks associated with this vulnerability.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

https://exchange.xforce.ibmcloud.com/vulnerabilities/25808

vdb-entryx_refsource_XF

http://www.redhat.com/support/errata/RHSA-2006-0330.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

26% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006