Memory Corruption in Mozilla Products Due to JavaScript Engine Issues
CVE-2006-1742

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite; Thunderbird; Seamonkey
Vendor: CVE Published:; 14 April 2006

Summary

The vulnerability arises from the JavaScript engine in various versions of Mozilla's products, which fails to adequately manage temporary variables leading to insufficient garbage collection. This oversight allows remote attackers to potentially exploit the flaw by triggering operations on freed memory, potentially resulting in memory corruption. This issue affects users of Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey, making it critical for users to apply security updates and mitigate risk.

References

https://usn.ubuntu.com/275-1/

vendor-advisoryx_refsource_UBUNTU

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.redhat.com/support/errata/RHSA-2006-0330.html

vendor-advisoryx_refsource_REDHAT

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 14, 2006
Vulnerability Reserved
Apr 12, 2006