Certain Mozilla products contain a denial-of-service vulnerability.
Certain Mozilla products contain a denial-of-service vulnerability that occurs because of an infinite loop in the js_dtoa function. Mozilla Firefox versions prior to 220.127.116.11, Thunderbird prior to 18.104.22.168, and other Mozilla products may be affected.
According to Mozilla Foundation Security Advisory 2006-68:
A remote unauthenticated attacker may be able to cause a denial-of-service condition.
The Mozilla Foundation has released upgrades that address this issue. See Mozilla Foundation Security Advisory 2006-68 for more information.
Thanks to Igor Bukanov, Jesse Ruderman, moz_bug_r_a4, Mozilla for providing information that was used in this report.
This document was written by Ryan Giobbi.
|Date First Published:||2007-01-18|
|Date Last Updated:||2007-06-04 14:16 UTC|