Vulnerability Note VU#492382
The risk appears remote, but this type of memory corruption could potentially be used by an attacker to run arbitrary code including the installation of malware.
A remote attacker may be able to run code of their choosing on an affected system. The attacker-supplied code would be executed with the permissions of the user running the vulnerable program.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Mozilla, Inc.||Affected||17 Apr 2006||17 Apr 2006|
|Red Hat, Inc.||Affected||-||17 Apr 2006|
CVSS Metrics (Learn More)
Thanks to Mozilla Foundation Security Advisory for reporting this vulnerability. The Mozilla Foundation, in turn, credits Igor Bukanov with reporting this issue to them.
This document was written by Chad Dougherty based upon information supplied by the Mozilla Foundation.
- CVE IDs: CVE-2006-1742
- Date Public: 13 Apr 2006
- Date First Published: 17 Apr 2006
- Date Last Updated: 17 Apr 2006
- Severity Metric: 12.96
- Document Revision: 2
If you have feedback, comments, or additional information about this vulnerability, please send us email.