Vulnerability Note VU#179014

Mozilla CSS integer overflow vulnerability

Original Release date: 17 Apr 2006 | Last revised: 17 May 2006

Overview

Mozilla products contain an integer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code.

Description

Cascading Style Sheets

CSS is a mechanism for adding style to web documents.

The problem

Mozilla products contain an integer overflow in the CSS letter spacing property. This may allow a remote attacker to manipulate memory allocation routines to create an undersized buffer. When data is copied to this buffer, a heap-based buffer overflow may occur.

For a list of affected, products refer to Mozilla Foundation Security Advisory 2006-22.

Impact

If an attacker can persuade a user to access a specially crafted web page, that attacker may be able to execute arbitrary code.

Solution

Upgrade
Refer to Mozilla Foundation Security Advisory 2006-22 for fixed versions of Mozilla products.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Mozilla, Inc.Affected-17 Apr 2006
Red Hat, Inc.Affected-17 May 2006
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

This vulnerability was reported in Mozilla Foundation Security Advisory 2006-22.

This document was written by Jeff Gennari.

Other Information

  • CVE IDs: CVE-2006-1730
  • Date Public: 13 Apr 2006
  • Date First Published: 17 Apr 2006
  • Date Last Updated: 17 May 2006
  • Severity Metric: 31.40
  • Document Revision: 19

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.